My start search-Odstranenie

[domino65]

Zdravim, mam problem s Mystartsearch, neviem to dostat z PC. Podobnu temu som tu uz nasiel, ale neviem ci mozem postupovat rovnako. Prosim o radu.

[Rudy]

Zdravím!
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

[domino65]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Domino at 2014-10-25 18:22:05
Microsoft Windows 8.1
System drive C: has 294 GB (63%) free of 466 GB
Total RAM: 3514 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:22:16, on 25.10.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
C:\Users\Domino\AppData\Local\Akamai\netsession_win.exe
C:\Users\Domino\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
C:\Program Files\WindowsApps\Evernote.Evernote_2.3.6.0_x86__q4d96b2w5wcc2\EvernoteMetro.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Domino\Downloads\adwcleaner_4.001.exe
C:\Program Files\trend micro\Domino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [niDevMon] C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Domino\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1051
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: Need for Speed™ Undercover Registration.lnk = C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Startup: TornTvDownloader.lnk = Domino\AppData\Roaming\TornTV.com\Torntv Downloader.exe
O4 - Startup: Typle.lnk = C:\Program Files (x86)\Typle2.0v\Typle.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NI Citadel 4 Service (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: NI PSP Service Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe
O23 - Service: NI Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Autodesk Simulation Moldflow MITSI 2015 Job Manager (mitsijm2015) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
O23 - Service: NI Authentication Service (niauth) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
O23 - Service: NI Device Loader (nidevldu) - National Instruments Corporation - C:\Windows\SysWOW64\nipalsm.exe
O23 - Service: NI Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI License Server (NILM License Manager) - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI Network Discovery (NINetworkDiscovery) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
O23 - Service: NI PXI Resource Manager (nipxirmu) - National Instruments Corporation - C:\Windows\SysWOW64\nipxism.exe
O23 - Service: NI-RIO Server (NiRioRpc) - National Instruments Corporation - C:\Windows\SysWOW64\NiRioRpc.exe
O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
O23 - Service: NI System Web Server (NISystemWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\SysWOW64\Opcenum.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14211 bytes

======Listing Processes======





wininit.exe


C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
dashost.exe {8b12a9fd-7f1f-4b95-9a4ff7b576fa8754}
taskhostex.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\SysWOW64\lkads.exe
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files (x86)\National Instruments\MAX\nimxs.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe" -start
C:\Windows\SysWOW64\nipalsm.exe
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
"C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe" -s
"C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe"
C:\Windows\SysWOW64\UMonit64.exe
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lktsrv.exe
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"
C:\Windows\SysWOW64\nipxism.exe
"C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe" -system
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
NIWebServiceContainer.exe {B7B4E5F4-9643-424C-B2D7-7C08536D0A14} 3352 844 21
"C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe"
"ConnectifyD.exe"
NIWebServiceContainer.exe {3FC6A45E-A3AD-47C5-870E-A1CBC408ED94} 3352 864 21
"C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user
\??\C:\Windows\system32\conhost.exe 0x4
NIWebServiceContainer.exe {E16D1C0E-2189-44AF-9806-43D7DF7F6DA0} 4748 860 21
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Users\Domino\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Domino/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"

"C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files\WindowsApps\Evernote.Evernote_2.3.6.0_x86__q4d96b2w5wcc2\EvernoteMetro.exe" -ServerName:App.AppXcm5cntgqx4fv1et6j63tndxjhxc09r4k.mca
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
explorer.exe
"C:\Users\Domino\Downloads\adwcleaner_4.001.exe"
"C:\Users\Domino\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Domino\AppData\Roaming\Mozilla\Firefox\Profiles\iooxqr6b.default-1401903420372

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npIMAQAXControl.dll
nplv2010win32.dll
nplv2011win32.dll
nplv2012win32.dll
NPLV82Win32.dll
nplv90win32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2014-01-23 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-12 2890056]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2013-04-11 429792]
"Akamai NetSession Interface"=C:\Users\Domino\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"NIRegistrationWizard"=C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [2013-04-19 847000]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2013-08-06 34160]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-09 4085896]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-04-01 480648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"niDevMon"=C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2012-07-11 110224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
NI Error Reporting.lnk - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

C:\Users\Domino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Need for Speed™ Undercover Registration.lnk - C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
TornTvDownloader.lnk - C:\Users\Domino\AppData\Roaming\TornTV.com\Torntv Downloader.exe
Typle.lnk - C:\Program Files (x86)\Typle2.0v\Typle.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-10-25 18:22:05 ----D---- C:\rsit
2014-10-25 18:22:05 ----D---- C:\Program Files\trend micro
2014-10-25 17:24:28 ----A---- C:\ProgramData\pclunst.exe
2014-10-25 17:24:08 ----D---- C:\ProgramData\PC1Data
2014-10-25 16:50:58 ----RHD---- C:\Users\Domino\AppData\Roaming\SecuROM
2014-10-25 16:48:52 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2014-10-25 16:47:02 ----D---- C:\Windows\SYSWOW64\xlive
2014-10-25 16:47:01 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-10-24 16:15:12 ----D---- C:\Program Files (x86)\RAR Password Unlocker
2014-10-16 22:00:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 18:37:27 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-15 18:37:26 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-15 18:37:23 ----A---- C:\Windows\system32\winbici.dll
2014-10-15 18:37:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 18:37:07 ----A---- C:\Windows\system32\msi.dll
2014-10-15 18:37:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 18:37:06 ----A---- C:\Windows\system32\authui.dll
2014-10-15 18:37:06 ----A---- C:\Windows\system32\appinfo.dll
2014-10-15 18:36:28 ----A---- C:\Windows\system32\packager.dll
2014-10-15 18:36:27 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 18:35:54 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 18:34:55 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 18:34:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 18:34:37 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 18:34:34 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 18:34:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 18:34:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 18:34:27 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 18:34:27 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 18:34:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 18:34:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 18:34:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 18:34:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 18:34:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 18:34:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 18:34:21 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 18:34:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 18:34:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 18:34:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 18:34:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 18:34:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 18:34:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 18:34:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 18:34:17 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 18:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 18:34:16 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 18:34:16 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 18:34:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 18:34:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 18:29:51 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 18:29:51 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 18:26:35 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-15 18:26:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-15 18:26:34 ----A---- C:\Windows\system32\wups.dll
2014-10-15 18:26:34 ----A---- C:\Windows\system32\wucltux.dll
2014-10-15 18:26:34 ----A---- C:\Windows\system32\wuapi.dll
2014-10-15 18:26:33 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wups2.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wudriver.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-15 18:26:32 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-15 18:26:32 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-15 18:26:32 ----A---- C:\Windows\system32\wuapp.exe
2014-10-15 18:25:44 ----A---- C:\Windows\system32\shell32.dll
2014-10-15 18:25:40 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-10-15 18:25:38 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-15 18:25:37 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-10-15 18:25:36 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 18:25:35 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 18:25:35 ----A---- C:\Windows\system32\SyncEngine.dll
2014-10-15 18:25:34 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-15 18:25:32 ----A---- C:\Windows\system32\SearchFolder.dll
2014-10-15 18:25:32 ----A---- C:\Windows\system32\ntdll.dll
2014-10-15 18:25:32 ----A---- C:\Windows\system32\KernelBase.dll
2014-10-15 18:25:30 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-10-15 18:25:30 ----A---- C:\Windows\system32\propsys.dll
2014-10-15 18:25:26 ----A---- C:\Windows\system32\WSShared.dll
2014-10-15 18:25:25 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-10-15 18:25:25 ----A---- C:\Windows\system32\Wldap32.dll
2014-10-15 18:25:25 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-10-15 18:25:24 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-10-15 18:25:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-10-15 18:25:22 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-10-15 18:25:22 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-10-15 18:25:22 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-15 18:25:19 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-15 18:25:17 ----A---- C:\Windows\system32\SkyDrive.exe
2014-10-15 18:25:17 ----A---- C:\Windows\system32\bisrv.dll
2014-10-15 18:25:13 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-15 18:25:11 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-10-15 18:25:11 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-10-15 18:25:11 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-10-15 18:25:11 ----A---- C:\Windows\system32\httpprxm.dll
2014-10-15 18:25:10 ----A---- C:\Windows\system32\ProximityService.dll
2014-10-15 18:25:10 ----A---- C:\Windows\system32\adhsvc.dll
2014-10-15 18:25:09 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 18:25:08 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-13 23:52:29 ----D---- C:\My Works
2014-10-13 23:52:20 ----D---- C:\Users\Domino\AppData\Roaming\CyberLink
2014-10-13 21:35:43 ----D---- C:\ProgramData\install_clap
2014-10-13 21:32:42 ----D---- C:\ProgramData\CLSK
2014-10-13 21:32:24 ----D---- C:\ProgramData\CyberLink
2014-10-13 21:31:56 ----D---- C:\ProgramData\Temp
2014-10-12 14:14:47 ----D---- C:\ProgramData\PXISA
2014-10-12 14:11:11 ----D---- C:\Program Files (x86)\cameralink
2014-10-12 14:05:22 ----D---- C:\Program Files\cameralink
2014-10-12 13:52:04 ----D---- C:\ProgramData\IVI Foundation
2014-10-12 13:52:04 ----D---- C:\Program Files\IVI Foundation
2014-10-12 13:52:04 ----D---- C:\Program Files (x86)\IVI Foundation
2014-10-03 19:02:07 ----A---- C:\Users\Domino\AppData\Roaming\All CPU MeterV3_Settings.ini

======List of files/folders modified in the last 1 month======

2014-10-25 18:22:08 ----D---- C:\Windows\Prefetch
2014-10-25 18:22:05 ----D---- C:\Program Files
2014-10-25 18:19:38 ----D---- C:\AdwCleaner
2014-10-25 18:03:43 ----D---- C:\Users\Domino\AppData\Roaming\uTorrent
2014-10-25 18:03:04 ----D---- C:\Windows\Logs
2014-10-25 18:03:04 ----D---- C:\Windows\debug
2014-10-25 18:03:04 ----AD---- C:\Windows
2014-10-25 18:03:03 ----D---- C:\Windows\Temp
2014-10-25 18:02:15 ----D---- C:\Program Files (x86)
2014-10-25 18:00:56 ----D---- C:\Windows\AppReadiness
2014-10-25 18:00:55 ----HD---- C:\Program Files\WindowsApps
2014-10-25 18:00:09 ----D---- C:\Windows\system32\sru
2014-10-25 17:58:39 ----D---- C:\Program Files (x86)\TOSHIBA Games
2014-10-25 17:57:46 ----D---- C:\Users\Domino\AppData\Roaming\WildTangent
2014-10-25 17:57:46 ----D---- C:\ProgramData\WildTangent
2014-10-25 17:57:06 ----D---- C:\Program Files (x86)\Spintires
2014-10-25 17:56:51 ----D---- C:\Windows\system32\Tasks
2014-10-25 17:56:50 ----HD---- C:\ProgramData
2014-10-25 17:56:16 ----SHD---- C:\Windows\Installer
2014-10-25 17:56:16 ----HD---- C:\Config.Msi
2014-10-25 17:52:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-25 17:46:21 ----D---- C:\Program Files (x86)\Common Files
2014-10-25 17:46:07 ----DC---- C:\Windows\system32\DRVSTORE
2014-10-25 17:46:07 ----D---- C:\Windows\system32\drivers
2014-10-25 17:44:37 ----D---- C:\Windows\Tasks
2014-10-25 17:34:16 ----SD---- C:\ProgramData\Microsoft
2014-10-25 17:34:16 ----D---- C:\Program Files (x86)\Microsoft
2014-10-25 17:33:07 ----D---- C:\Program Files (x86)\Advanced Fix 2013
2014-10-25 17:32:30 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2014-10-25 17:32:27 ----SHD---- C:\Program Files\Windows Sidebar
2014-10-25 17:29:41 ----D---- C:\Windows\system32\config
2014-10-25 17:25:32 ----D---- C:\Windows\WinSxS
2014-10-25 16:48:52 ----D---- C:\Windows\SysWOW64
2014-10-25 16:48:16 ----SHD---- C:\System Volume Information
2014-10-25 16:47:50 ----RSD---- C:\Windows\assembly
2014-10-24 19:15:28 ----D---- C:\Windows\SoftwareDistribution
2014-10-24 18:50:46 ----D---- C:\Users\Domino\AppData\Roaming\ICQ
2014-10-24 13:26:13 ----D---- C:\Users\Domino\AppData\Roaming\vlc
2014-10-23 18:16:32 ----D---- C:\Windows\Inf
2014-10-22 21:14:06 ----D---- C:\Windows\Microsoft.NET
2014-10-22 21:09:00 ----D---- C:\Windows\system32\DriverStore
2014-10-17 17:27:03 ----D---- C:\Windows\system32\NDF
2014-10-16 21:53:37 ----RAD---- C:\Windows\System32
2014-10-16 21:53:37 ----D---- C:\Windows\MediaViewer
2014-10-16 21:53:36 ----D---- C:\Windows\FileManager
2014-10-16 21:53:36 ----D---- C:\Windows\Camera
2014-10-16 21:53:35 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-10-16 21:53:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-16 21:53:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 21:53:35 ----D---- C:\Program Files\Internet Explorer
2014-10-16 21:53:35 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 21:53:34 ----D---- C:\Windows\system32\sk-SK
2014-10-16 21:53:34 ----D---- C:\Windows\system32\en-US
2014-10-16 21:53:34 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 21:53:32 ----RD---- C:\Windows\ToastData
2014-10-16 21:53:30 ----D---- C:\Windows\WinStore
2014-10-16 21:53:11 ----D---- C:\Windows\CbsTemp
2014-10-16 20:58:33 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 20:49:15 ----D---- C:\Windows\system32\MRT
2014-10-16 20:49:12 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 23:26:07 ----D---- C:\Windows\system32\catroot
2014-10-15 18:30:21 ----D---- C:\Windows\system32\catroot2
2014-10-13 21:30:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-12 16:24:32 ----D---- C:\ProgramData\National Instruments
2014-10-12 14:18:46 ----D---- C:\Program Files\National Instruments
2014-10-12 14:14:32 ----D---- C:\Program Files (x86)\National Instruments
2014-10-12 14:02:19 ----RSD---- C:\Windows\Fonts
2014-10-04 19:54:56 ----D---- C:\Autodesk
2014-10-04 12:01:30 ----D---- C:\Windows\system32\wdi
2014-10-01 20:15:29 ----D---- C:\Windows\rescache
2014-09-26 20:38:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 LPCFilter;@oem14.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\Windows\System32\drivers\LPCFilter.sys [2013-08-01 35672]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-08-07 776168]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-07 343568]
R0 NIPALK;NIPALK; C:\Windows\System32\drivers\nipalk.sys [2014-06-05 773464]
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\Windows\System32\drivers\nipbcfk.sys [2014-02-28 19288]
R0 nipxibaf;National Instruments PXI Bridge Access Driver; C:\Windows\System32\drivers\nipxibaf.sys [2014-06-12 89992]
R0 nipxibrc;National Instruments PXI Bridge Configuration Driver; C:\Windows\System32\drivers\nipxibrc.sys [2014-05-16 70336]
R0 nischifk;NI SoftCore Chinch Filter Driver; C:\Windows\System32\Drivers\nischifk.sys [2014-06-11 66936]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 cnnctfy3;@oem59.inf,%cnnctfy3_Desc%;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2014-07-05 35352]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R2 APXACC;@oem3.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2013-04-18 219360]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R2 nipxirmk;nipxirmk; \??\C:\Windows\system32\drivers\nipxirmkl.sys [2014-01-09 15184]
R2 nistreamk;nistreamk; C:\Windows\system32\drivers\nistreamkl.sys [2014-06-04 24912]
R2 NiViPxiK;NI-VISA PXI Driver; C:\Windows\System32\drivers\NiViPxiKl.sys [2014-06-13 15200]
R3 AmdAS4;@oem2.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-02-07 17504]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-05-01 13941760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-05-01 628224]
R3 athr;@oem12.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-24 3858944]
R3 AtiHDAudioService;@oem4.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2013-06-22 138240]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2013-10-14 20312]
R3 ETD;@oem15.inf,%PS2.DeviceDesc%;ELAN PS/2_SMBus Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-12 377672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-13 3588184]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-07 310224]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-07 519064]
R3 nidimk;nidimk; \??\C:\Windows\system32\drivers\nidimkl.sys [2014-03-13 15200]
R3 NIEthernetDeviceEnumerator;@oem83.inf,%NIEthernetDeviceEnumerator.ServiceDesc%;NI Ethernet Device Enumerator Driver; C:\Windows\System32\drivers\niede.sys [2012-01-12 38064]
R3 niimaqdxk;niimaqdxk; C:\Windows\system32\drivers\niimaqdxkl.sys [2014-06-25 15160]
R3 nimdbgk;nimdbgk; \??\C:\Windows\system32\drivers\nimdbgkl.sys [2014-03-13 15200]
R3 nimru2k;nimru2k; \??\C:\Windows\system32\drivers\nimru2kl.sys [2012-06-28 13008]
R3 nimstsk;nimstsk; \??\C:\Windows\system32\drivers\nimstskl.sys [2012-07-09 13008]
R3 nimxdfk;nimxdfk; \??\C:\Windows\system32\drivers\nimxdfkl.sys [2014-03-13 15184]
R3 NiViPciK;NI-VISA PCI Driver; C:\Windows\System32\drivers\NiViPciKl.sys [2014-06-13 15200]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [2013-10-30 30448]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2013-08-07 69264]
S3 AndNetDiag;@oem47.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-05-27 29184]
S3 ANDNetModem;@oem49.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-05-27 36352]
S3 aswTap;@oem65.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-05 44640]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-08-07 70112]
S3 dot4;@oem22.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem23.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem22.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2013-08-07 23368]
S3 GeneStor;@oem13.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2013-08-02 100072]
S3 lvalarmk;lvalarmk; \??\C:\Windows\system32\drivers\lvalarmk.sys [2012-06-29 25336]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-07 179664]
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1045kl.sys [2014-05-16 12984]
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1065k.sys [2014-05-16 30032]
S3 nicdcck;nicdcck; \??\C:\Windows\system32\drivers\nicdcckl.sys [2012-07-10 12992]
S3 nicdrk;nicdrk; \??\C:\Windows\system32\drivers\nicdrkl.sys [2011-07-21 11864]
S3 nicmrk;nicmrk; \??\C:\Windows\system32\drivers\nicmrkl.sys [2012-10-08 13008]
S3 nicondrk;nicondrk; \??\C:\Windows\system32\drivers\nicondrkl.sys [2012-10-08 12976]
S3 nicsrk;nicsrk; \??\C:\Windows\system32\drivers\nicsrkl.sys [2012-10-08 12976]
S3 nidmxfk;nidmxfk; \??\C:\Windows\system32\drivers\nidmxfkl.sys [2012-07-09 12976]
S3 nidsark;nidsark; \??\C:\Windows\system32\drivers\nidsarkl.sys [2012-07-16 12992]
S3 niemrk;niemrk; \??\C:\Windows\system32\drivers\niemrkl.sys [2012-10-08 12976]
S3 niesrk;niesrk; \??\C:\Windows\system32\drivers\niesrkl.sys [2012-10-08 12976]
S3 nifslk;nifslk; \??\C:\Windows\system32\drivers\nifslkl.sys [2012-07-09 12992]
S3 niimaqk;NI-IMAQ Driver; C:\Windows\system32\drivers\niimaqk.sys []
S3 nimsdrk;nimsdrk; \??\C:\Windows\system32\drivers\nimsdrkl.sys [2012-07-09 13032]
S3 nimxpk;nimxpk; \??\C:\Windows\system32\drivers\nimxpkl.sys [2012-07-09 13008]
S3 ninshsdk;ninshsdk; \??\C:\Windows\system32\drivers\ninshsdkl.sys [2012-10-09 13000]
S3 niorbk;niorbk; \??\C:\Windows\system32\drivers\niorbkl.sys [2014-03-12 15184]
S3 nipalfwedl;nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [2014-06-05 15232]
S3 nipalusbedl;nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [2014-06-05 15224]
S3 nipxifpk;NI PXI Forwarding Chassis Pilot; \??\C:\Windows\system32\drivers\nipxifpk.sys [2013-09-10 37272]
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\Windows\system32\drivers\nipxigpk.sys [2011-08-09 22680]
S3 niraptrk;niraptrk; \??\C:\Windows\system32\drivers\niraptrkl.sys [2012-10-08 12976]
S3 niscdk;niscdk; \??\C:\Windows\system32\drivers\niscdkl.sys [2012-03-07 12984]
S3 nisdigk;nisdigk; \??\C:\Windows\system32\drivers\nisdigkl.sys [2012-07-02 12960]
S3 nisftk;nisftk; \??\C:\Windows\system32\drivers\nisftkl.sys [2012-06-01 12952]
S3 nispdk;nispdk; \??\C:\Windows\system32\drivers\nispdkl.sys [2012-03-07 12984]
S3 nissrk;nissrk; \??\C:\Windows\system32\drivers\nissrkl.sys [2012-10-08 12976]
S3 nistc2k;nistc2k; \??\C:\Windows\system32\drivers\nistc2kl.sys [2009-01-05 11824]
S3 nistc3rk;nistc3rk; \??\C:\Windows\system32\drivers\nistc3rkl.sys [2012-07-10 12968]
S3 nistcrk;nistcrk; \??\C:\Windows\system32\drivers\nistcrkl.sys [2011-07-18 12968]
S3 niswdk;niswdk; \??\C:\Windows\system32\drivers\niswdkl.sys [2012-10-11 12976]
S3 nitiork;nitiork; \??\C:\Windows\system32\drivers\nitiorkl.sys [2012-07-10 13000]
S3 niufurk;niufurk; \??\C:\Windows\system32\drivers\niufurkl.sys [2012-10-08 13008]
S3 niwfrk;niwfrk; \??\C:\Windows\system32\drivers\niwfrkl.sys [2012-10-08 12984]
S3 nixsrk;nixsrk; \??\C:\Windows\system32\drivers\nixsrkl.sys [2012-10-08 12976]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-04-01 581000]
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2013-08-31 99328]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-05-01 240128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-07 312448]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2014-03-24 487936]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-12 101192]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 LkCitadelServer;NI Citadel 4 Service; C:\Windows\SysWOW64\lkcitdl.exe [2014-01-14 695136]
R2 lkClassAds;NI PSP Service Locator; C:\Windows\SysWOW64\lkads.exe [2014-06-09 53032]
R2 lkTimeSync;NI Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2014-06-09 63280]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 219272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-07 182752]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [2013-10-12 968480]
R2 mxssvr;NI Configuration Manager; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [2014-06-07 84280]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 NIApplicationWebServer;NI Application Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2014-06-10 57184]
R2 niauth;NI Authentication Service; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [2014-06-20 569152]
R2 nidevldu;NI Device Loader; C:\Windows\SysWOW64\nipalsm.exe [2014-06-05 19280]
R2 NIDomainService;NI Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2014-06-09 394544]
R2 niLXIDiscovery;NI LXI Discovery Service; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2014-06-13 383352]
R2 nimDNSResponder;NI mDNS Responder Service; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2014-06-06 320368]
R2 NINetworkDiscovery;NI Network Discovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2014-06-19 177536]
R2 nipxirmu;NI PXI Resource Manager; C:\Windows\SysWOW64\nipxism.exe [2014-01-09 20816]
R2 NiSvcLoc;NI Service Locator; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [2014-06-06 89928]
R2 NISystemWebServer;NI System Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [2014-06-10 57168]
R2 NITaggerService;National Instruments Variable Engine; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [2011-06-14 676016]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2014-01-23 1335344]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2014-01-23 856112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-15 267440]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-05-05 1357104]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 NILM License Manager;NI License Server; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2010-08-02 1427688]
S3 NiRioRpc;NI-RIO Server; C:\Windows\SysWOW64\NiRioRpc.exe [2014-07-30 39232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpcEnum;OpcEnum; C:\Windows\SysWOW64\Opcenum.exe [2013-05-21 172832]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 NIApplicationWebServer64;NI Application Web Server (64-bit); C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2014-06-10 80736]

-----------------EOF-----------------

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[domino65]

Neviem ci to pomoze ADW som skusal este pred zalozenim temy

# AdwCleaner v4.001 - Report created 25/10/2014 at 20:49:25
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Domino - DM
# Running from : C:\Users\Domino\Desktop\adwcleaner_4.001.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 sk)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [25583 octets] - [24/09/2014 21:19:10]
AdwCleaner[R1].txt - [14211 octets] - [25/10/2014 17:27:36]
AdwCleaner[R2].txt - [1003 octets] - [25/10/2014 18:13:21]
AdwCleaner[R3].txt - [338 octets] - [25/10/2014 20:13:20]
AdwCleaner[R4].txt - [1121 octets] - [25/10/2014 20:37:55]
AdwCleaner[S0].txt - [22888 octets] - [24/09/2014 21:24:58]
AdwCleaner[S1].txt - [13581 octets] - [25/10/2014 17:34:49]
AdwCleaner[S2].txt - [1036 octets] - [25/10/2014 20:49:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1096 octets] ##########

[Rudy]

OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Users\Domino\AppData\Local\Akamai
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

[domino65]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Domino at 2014-10-25 22:31:43
Microsoft Windows 8.1
System drive C: has 275 GB (59%) free of 466 GB
Total RAM: 3514 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:05, on 25.10.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe
C:\Program Files\trend micro\Domino.exe
C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [niDevMon] C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1051
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: Need for Speed™ Undercover Registration.lnk = C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Startup: TornTvDownloader.lnk = Domino\AppData\Roaming\TornTV.com\Torntv Downloader.exe
O4 - Startup: Typle.lnk = C:\Program Files (x86)\Typle2.0v\Typle.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NI Citadel 4 Service (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: NI PSP Service Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe
O23 - Service: NI Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Autodesk Simulation Moldflow MITSI 2015 Job Manager (mitsijm2015) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
O23 - Service: NI Authentication Service (niauth) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
O23 - Service: NI Device Loader (nidevldu) - National Instruments Corporation - C:\Windows\SysWOW64\nipalsm.exe
O23 - Service: NI Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI License Server (NILM License Manager) - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI Network Discovery (NINetworkDiscovery) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
O23 - Service: NI PXI Resource Manager (nipxirmu) - National Instruments Corporation - C:\Windows\SysWOW64\nipxism.exe
O23 - Service: NI-RIO Server (NiRioRpc) - National Instruments Corporation - C:\Windows\SysWOW64\NiRioRpc.exe
O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
O23 - Service: NI System Web Server (NISystemWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\SysWOW64\Opcenum.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14053 bytes

======Listing Processes======





wininit.exe


C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
dashost.exe {975dbfb6-2784-4006-8eafc0c96a3340d1}
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\SysWOW64\lkads.exe
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\National Instruments\MAX\nimxs.exe"
taskhostex.exe
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe" -start
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe" -s
"C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lktsrv.exe
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\SysWOW64\nipalsm.exe
"C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"
C:\Windows\SysWOW64\nipxism.exe
"C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe" -system
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe"
"C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user
NIWebServiceContainer.exe {38C1AE78-0000-4607-A128-7CDD391A9437} 3656 836 21
NIWebServiceContainer.exe {410894DD-9552-43B9-A979-16A75A3EB2C6} 3656 852 21
C:\Windows\system32\svchost.exe -k HPService
NIWebServiceContainer.exe {B61C9791-224D-47AB-87AA-A8E0A6806D98} 4156 860 21
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\SysWOW64\UMonit64.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe"
"C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe" /silent
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\Domino\Desktop\RSITx64.exe"
taskeng.exe {E7E79F33-8FCC-49E0-AF41-7AE953E7D87A}
"C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Domino\AppData\Roaming\Mozilla\Firefox\Profiles\iooxqr6b.default-1401903420372

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npIMAQAXControl.dll
nplv2010win32.dll
nplv2011win32.dll
nplv2012win32.dll
NPLV82Win32.dll
nplv90win32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2014-01-23 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-12 2890056]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2013-04-11 429792]
"NIRegistrationWizard"=C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [2013-04-19 847000]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2013-08-06 34160]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-09 4085896]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-04-01 480648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"niDevMon"=C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2012-07-11 110224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
NI Error Reporting.lnk - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

C:\Users\Domino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Need for Speed™ Undercover Registration.lnk - C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
TornTvDownloader.lnk - C:\Users\Domino\AppData\Roaming\TornTV.com\Torntv Downloader.exe
Typle.lnk - C:\Program Files (x86)\Typle2.0v\Typle.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-10-25 22:25:50 ----D---- C:\_OTM
2014-10-25 18:48:05 ----D---- C:\Program Files (x86)\Rockstar Games
2014-10-25 18:22:05 ----D---- C:\rsit
2014-10-25 18:22:05 ----D---- C:\Program Files\trend micro
2014-10-25 17:24:28 ----A---- C:\ProgramData\pclunst.exe
2014-10-25 17:24:08 ----D---- C:\ProgramData\PC1Data
2014-10-25 16:50:58 ----RHD---- C:\Users\Domino\AppData\Roaming\SecuROM
2014-10-25 16:48:52 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2014-10-25 16:47:02 ----D---- C:\Windows\SYSWOW64\xlive
2014-10-25 16:47:01 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-10-24 16:15:12 ----D---- C:\Program Files (x86)\RAR Password Unlocker
2014-10-16 22:00:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 18:37:27 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-15 18:37:26 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-15 18:37:23 ----A---- C:\Windows\system32\winbici.dll
2014-10-15 18:37:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 18:37:07 ----A---- C:\Windows\system32\msi.dll
2014-10-15 18:37:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 18:37:06 ----A---- C:\Windows\system32\authui.dll
2014-10-15 18:37:06 ----A---- C:\Windows\system32\appinfo.dll
2014-10-15 18:36:28 ----A---- C:\Windows\system32\packager.dll
2014-10-15 18:36:27 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 18:35:54 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 18:34:55 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 18:34:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 18:34:37 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 18:34:34 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 18:34:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 18:34:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 18:34:27 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 18:34:27 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 18:34:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 18:34:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 18:34:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 18:34:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 18:34:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 18:34:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 18:34:21 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 18:34:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 18:34:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 18:34:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 18:34:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 18:34:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 18:34:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 18:34:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 18:34:17 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 18:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 18:34:16 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 18:34:16 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 18:34:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 18:34:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 18:29:51 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 18:29:51 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 18:26:35 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-15 18:26:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-15 18:26:34 ----A---- C:\Windows\system32\wups.dll
2014-10-15 18:26:34 ----A---- C:\Windows\system32\wucltux.dll
2014-10-15 18:26:34 ----A---- C:\Windows\system32\wuapi.dll
2014-10-15 18:26:33 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wups2.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wudriver.dll
2014-10-15 18:26:33 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-15 18:26:32 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-15 18:26:32 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-15 18:26:32 ----A---- C:\Windows\system32\wuapp.exe
2014-10-15 18:25:44 ----A---- C:\Windows\system32\shell32.dll
2014-10-15 18:25:40 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-10-15 18:25:38 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-15 18:25:37 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-10-15 18:25:36 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 18:25:35 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 18:25:35 ----A---- C:\Windows\system32\SyncEngine.dll
2014-10-15 18:25:34 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-15 18:25:32 ----A---- C:\Windows\system32\SearchFolder.dll
2014-10-15 18:25:32 ----A---- C:\Windows\system32\ntdll.dll
2014-10-15 18:25:32 ----A---- C:\Windows\system32\KernelBase.dll
2014-10-15 18:25:30 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-10-15 18:25:30 ----A---- C:\Windows\system32\propsys.dll
2014-10-15 18:25:26 ----A---- C:\Windows\system32\WSShared.dll
2014-10-15 18:25:25 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-10-15 18:25:25 ----A---- C:\Windows\system32\Wldap32.dll
2014-10-15 18:25:25 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-10-15 18:25:24 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-10-15 18:25:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-10-15 18:25:22 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-10-15 18:25:22 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-10-15 18:25:22 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-15 18:25:19 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-15 18:25:17 ----A---- C:\Windows\system32\SkyDrive.exe
2014-10-15 18:25:17 ----A---- C:\Windows\system32\bisrv.dll
2014-10-15 18:25:13 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-15 18:25:11 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-10-15 18:25:11 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-10-15 18:25:11 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-10-15 18:25:11 ----A---- C:\Windows\system32\httpprxm.dll
2014-10-15 18:25:10 ----A---- C:\Windows\system32\ProximityService.dll
2014-10-15 18:25:10 ----A---- C:\Windows\system32\adhsvc.dll
2014-10-15 18:25:09 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 18:25:08 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-13 23:52:29 ----D---- C:\My Works
2014-10-13 23:52:20 ----D---- C:\Users\Domino\AppData\Roaming\CyberLink
2014-10-13 21:35:43 ----D---- C:\ProgramData\install_clap
2014-10-13 21:32:42 ----D---- C:\ProgramData\CLSK
2014-10-13 21:32:24 ----D---- C:\ProgramData\CyberLink
2014-10-13 21:31:56 ----D---- C:\ProgramData\Temp
2014-10-12 14:14:47 ----D---- C:\ProgramData\PXISA
2014-10-12 14:11:11 ----D---- C:\Program Files (x86)\cameralink
2014-10-12 14:05:22 ----D---- C:\Program Files\cameralink
2014-10-12 13:52:04 ----D---- C:\ProgramData\IVI Foundation
2014-10-12 13:52:04 ----D---- C:\Program Files\IVI Foundation
2014-10-12 13:52:04 ----D---- C:\Program Files (x86)\IVI Foundation
2014-10-03 19:02:07 ----A---- C:\Users\Domino\AppData\Roaming\All CPU MeterV3_Settings.ini

======List of files/folders modified in the last 1 month======

2014-10-25 22:30:15 ----D---- C:\Windows\Temp
2014-10-25 22:28:31 ----AD---- C:\Windows
2014-10-25 22:25:54 ----D---- C:\Windows\Tasks
2014-10-25 22:15:11 ----D---- C:\Windows\Inf
2014-10-25 22:00:41 ----SHD---- C:\Windows\Installer
2014-10-25 22:00:40 ----HD---- C:\Config.Msi
2014-10-25 22:00:04 ----D---- C:\Windows\system32\sru
2014-10-25 21:55:27 ----D---- C:\Windows\SysWOW64
2014-10-25 20:49:30 ----D---- C:\AdwCleaner
2014-10-25 20:45:16 ----D---- C:\Windows\Microsoft.NET
2014-10-25 20:44:24 ----D---- C:\Windows\system32\config
2014-10-25 20:28:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-25 20:19:48 ----D---- C:\Users\Domino\AppData\Roaming\ICQ
2014-10-25 19:32:37 ----HD---- C:\ProgramData
2014-10-25 19:21:46 ----RSD---- C:\Windows\assembly
2014-10-25 19:21:00 ----D---- C:\Windows\Logs
2014-10-25 18:48:05 ----D---- C:\Program Files (x86)
2014-10-25 18:22:16 ----D---- C:\Windows\Prefetch
2014-10-25 18:22:05 ----D---- C:\Program Files
2014-10-25 18:03:43 ----D---- C:\Users\Domino\AppData\Roaming\uTorrent
2014-10-25 18:03:04 ----D---- C:\Windows\debug
2014-10-25 18:00:56 ----D---- C:\Windows\AppReadiness
2014-10-25 18:00:55 ----HD---- C:\Program Files\WindowsApps
2014-10-25 17:58:39 ----D---- C:\Program Files (x86)\TOSHIBA Games
2014-10-25 17:57:46 ----D---- C:\Users\Domino\AppData\Roaming\WildTangent
2014-10-25 17:57:46 ----D---- C:\ProgramData\WildTangent
2014-10-25 17:57:06 ----D---- C:\Program Files (x86)\Spintires
2014-10-25 17:56:51 ----D---- C:\Windows\system32\Tasks
2014-10-25 17:46:21 ----D---- C:\Program Files (x86)\Common Files
2014-10-25 17:46:07 ----DC---- C:\Windows\system32\DRVSTORE
2014-10-25 17:46:07 ----D---- C:\Windows\system32\drivers
2014-10-25 17:34:16 ----SD---- C:\ProgramData\Microsoft
2014-10-25 17:34:16 ----D---- C:\Program Files (x86)\Microsoft
2014-10-25 17:33:07 ----D---- C:\Program Files (x86)\Advanced Fix 2013
2014-10-25 17:32:30 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2014-10-25 17:32:27 ----SHD---- C:\Program Files\Windows Sidebar
2014-10-25 17:25:32 ----D---- C:\Windows\WinSxS
2014-10-25 16:48:16 ----SHD---- C:\System Volume Information
2014-10-24 19:15:28 ----D---- C:\Windows\SoftwareDistribution
2014-10-24 13:26:13 ----D---- C:\Users\Domino\AppData\Roaming\vlc
2014-10-22 21:09:00 ----D---- C:\Windows\system32\DriverStore
2014-10-17 17:27:03 ----D---- C:\Windows\system32\NDF
2014-10-16 21:53:37 ----RAD---- C:\Windows\System32
2014-10-16 21:53:37 ----D---- C:\Windows\MediaViewer
2014-10-16 21:53:36 ----D---- C:\Windows\FileManager
2014-10-16 21:53:36 ----D---- C:\Windows\Camera
2014-10-16 21:53:35 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-10-16 21:53:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-16 21:53:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 21:53:35 ----D---- C:\Program Files\Internet Explorer
2014-10-16 21:53:35 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 21:53:34 ----D---- C:\Windows\system32\sk-SK
2014-10-16 21:53:34 ----D---- C:\Windows\system32\en-US
2014-10-16 21:53:34 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 21:53:32 ----RD---- C:\Windows\ToastData
2014-10-16 21:53:30 ----D---- C:\Windows\WinStore
2014-10-16 21:53:11 ----D---- C:\Windows\CbsTemp
2014-10-16 20:58:33 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 20:56:31 ----D---- C:\Windows\system32\MRT
2014-10-16 20:49:12 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 23:26:07 ----D---- C:\Windows\system32\catroot
2014-10-15 18:30:21 ----D---- C:\Windows\system32\catroot2
2014-10-13 21:30:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-12 16:24:32 ----D---- C:\ProgramData\National Instruments
2014-10-12 14:18:46 ----D---- C:\Program Files\National Instruments
2014-10-12 14:14:32 ----D---- C:\Program Files (x86)\National Instruments
2014-10-12 14:02:19 ----RSD---- C:\Windows\Fonts
2014-10-04 19:54:56 ----D---- C:\Autodesk
2014-10-04 12:01:30 ----D---- C:\Windows\system32\wdi
2014-10-01 20:15:29 ----D---- C:\Windows\rescache
2014-09-26 20:38:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 LPCFilter;@oem14.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\Windows\System32\drivers\LPCFilter.sys [2013-08-01 35672]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-08-07 776168]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-07 343568]
R0 NIPALK;NIPALK; C:\Windows\System32\drivers\nipalk.sys [2014-06-05 773464]
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\Windows\System32\drivers\nipbcfk.sys [2014-02-28 19288]
R0 nipxibaf;National Instruments PXI Bridge Access Driver; C:\Windows\System32\drivers\nipxibaf.sys [2014-06-12 89992]
R0 nipxibrc;National Instruments PXI Bridge Configuration Driver; C:\Windows\System32\drivers\nipxibrc.sys [2014-05-16 70336]
R0 nischifk;NI SoftCore Chinch Filter Driver; C:\Windows\System32\Drivers\nischifk.sys [2014-06-11 66936]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 cnnctfy3;@oem59.inf,%cnnctfy3_Desc%;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2014-07-05 35352]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R2 APXACC;@oem3.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2013-04-18 219360]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R2 nipxirmk;nipxirmk; \??\C:\Windows\system32\drivers\nipxirmkl.sys [2014-01-09 15184]
R2 nistreamk;nistreamk; C:\Windows\system32\drivers\nistreamkl.sys [2014-06-04 24912]
R2 NiViPxiK;NI-VISA PXI Driver; C:\Windows\System32\drivers\NiViPxiKl.sys [2014-06-13 15200]
R3 AmdAS4;@oem2.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-02-07 17504]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-05-01 13941760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-05-01 628224]
R3 athr;@oem12.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-24 3858944]
R3 AtiHDAudioService;@oem4.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2013-06-22 138240]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2013-10-14 20312]
R3 ETD;@oem15.inf,%PS2.DeviceDesc%;ELAN PS/2_SMBus Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-12 377672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-13 3588184]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-07 310224]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-07 519064]
R3 nidimk;nidimk; \??\C:\Windows\system32\drivers\nidimkl.sys [2014-03-13 15200]
R3 NIEthernetDeviceEnumerator;@oem83.inf,%NIEthernetDeviceEnumerator.ServiceDesc%;NI Ethernet Device Enumerator Driver; C:\Windows\System32\drivers\niede.sys [2012-01-12 38064]
R3 niimaqdxk;niimaqdxk; C:\Windows\system32\drivers\niimaqdxkl.sys [2014-06-25 15160]
R3 nimdbgk;nimdbgk; \??\C:\Windows\system32\drivers\nimdbgkl.sys [2014-03-13 15200]
R3 nimru2k;nimru2k; \??\C:\Windows\system32\drivers\nimru2kl.sys [2012-06-28 13008]
R3 nimstsk;nimstsk; \??\C:\Windows\system32\drivers\nimstskl.sys [2012-07-09 13008]
R3 nimxdfk;nimxdfk; \??\C:\Windows\system32\drivers\nimxdfkl.sys [2014-03-13 15184]
R3 NiViPciK;NI-VISA PCI Driver; C:\Windows\System32\drivers\NiViPciKl.sys [2014-06-13 15200]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [2013-10-30 30448]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2013-08-07 69264]
S3 AndNetDiag;@oem47.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-05-27 29184]
S3 ANDNetModem;@oem49.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-05-27 36352]
S3 aswTap;@oem65.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-05 44640]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-08-07 70112]
S3 dot4;@oem22.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem23.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem22.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2013-08-07 23368]
S3 GeneStor;@oem13.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2013-08-02 100072]
S3 lvalarmk;lvalarmk; \??\C:\Windows\system32\drivers\lvalarmk.sys [2012-06-29 25336]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-07 179664]
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1045kl.sys [2014-05-16 12984]
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1065k.sys [2014-05-16 30032]
S3 nicdcck;nicdcck; \??\C:\Windows\system32\drivers\nicdcckl.sys [2012-07-10 12992]
S3 nicdrk;nicdrk; \??\C:\Windows\system32\drivers\nicdrkl.sys [2011-07-21 11864]
S3 nicmrk;nicmrk; \??\C:\Windows\system32\drivers\nicmrkl.sys [2012-10-08 13008]
S3 nicondrk;nicondrk; \??\C:\Windows\system32\drivers\nicondrkl.sys [2012-10-08 12976]
S3 nicsrk;nicsrk; \??\C:\Windows\system32\drivers\nicsrkl.sys [2012-10-08 12976]
S3 nidmxfk;nidmxfk; \??\C:\Windows\system32\drivers\nidmxfkl.sys [2012-07-09 12976]
S3 nidsark;nidsark; \??\C:\Windows\system32\drivers\nidsarkl.sys [2012-07-16 12992]
S3 niemrk;niemrk; \??\C:\Windows\system32\drivers\niemrkl.sys [2012-10-08 12976]
S3 niesrk;niesrk; \??\C:\Windows\system32\drivers\niesrkl.sys [2012-10-08 12976]
S3 nifslk;nifslk; \??\C:\Windows\system32\drivers\nifslkl.sys [2012-07-09 12992]
S3 niimaqk;NI-IMAQ Driver; C:\Windows\system32\drivers\niimaqk.sys []
S3 nimsdrk;nimsdrk; \??\C:\Windows\system32\drivers\nimsdrkl.sys [2012-07-09 13032]
S3 nimxpk;nimxpk; \??\C:\Windows\system32\drivers\nimxpkl.sys [2012-07-09 13008]
S3 ninshsdk;ninshsdk; \??\C:\Windows\system32\drivers\ninshsdkl.sys [2012-10-09 13000]
S3 niorbk;niorbk; \??\C:\Windows\system32\drivers\niorbkl.sys [2014-03-12 15184]
S3 nipalfwedl;nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [2014-06-05 15232]
S3 nipalusbedl;nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [2014-06-05 15224]
S3 nipxifpk;NI PXI Forwarding Chassis Pilot; \??\C:\Windows\system32\drivers\nipxifpk.sys [2013-09-10 37272]
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\Windows\system32\drivers\nipxigpk.sys [2011-08-09 22680]
S3 niraptrk;niraptrk; \??\C:\Windows\system32\drivers\niraptrkl.sys [2012-10-08 12976]
S3 niscdk;niscdk; \??\C:\Windows\system32\drivers\niscdkl.sys [2012-03-07 12984]
S3 nisdigk;nisdigk; \??\C:\Windows\system32\drivers\nisdigkl.sys [2012-07-02 12960]
S3 nisftk;nisftk; \??\C:\Windows\system32\drivers\nisftkl.sys [2012-06-01 12952]
S3 nispdk;nispdk; \??\C:\Windows\system32\drivers\nispdkl.sys [2012-03-07 12984]
S3 nissrk;nissrk; \??\C:\Windows\system32\drivers\nissrkl.sys [2012-10-08 12976]
S3 nistc2k;nistc2k; \??\C:\Windows\system32\drivers\nistc2kl.sys [2009-01-05 11824]
S3 nistc3rk;nistc3rk; \??\C:\Windows\system32\drivers\nistc3rkl.sys [2012-07-10 12968]
S3 nistcrk;nistcrk; \??\C:\Windows\system32\drivers\nistcrkl.sys [2011-07-18 12968]
S3 niswdk;niswdk; \??\C:\Windows\system32\drivers\niswdkl.sys [2012-10-11 12976]
S3 nitiork;nitiork; \??\C:\Windows\system32\drivers\nitiorkl.sys [2012-07-10 13000]
S3 niufurk;niufurk; \??\C:\Windows\system32\drivers\niufurkl.sys [2012-10-08 13008]
S3 niwfrk;niwfrk; \??\C:\Windows\system32\drivers\niwfrkl.sys [2012-10-08 12984]
S3 nixsrk;nixsrk; \??\C:\Windows\system32\drivers\nixsrkl.sys [2012-10-08 12976]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-04-01 581000]
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2013-08-31 99328]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-05-01 240128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-07 312448]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2014-03-24 487936]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-12 101192]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 LkCitadelServer;NI Citadel 4 Service; C:\Windows\SysWOW64\lkcitdl.exe [2014-01-14 695136]
R2 lkClassAds;NI PSP Service Locator; C:\Windows\SysWOW64\lkads.exe [2014-06-09 53032]
R2 lkTimeSync;NI Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2014-06-09 63280]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 219272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-07 182752]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [2013-10-12 968480]
R2 mxssvr;NI Configuration Manager; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [2014-06-07 84280]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 NIApplicationWebServer;NI Application Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2014-06-10 57184]
R2 niauth;NI Authentication Service; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [2014-06-20 569152]
R2 nidevldu;NI Device Loader; C:\Windows\SysWOW64\nipalsm.exe [2014-06-05 19280]
R2 NIDomainService;NI Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2014-06-09 394544]
R2 niLXIDiscovery;NI LXI Discovery Service; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2014-06-13 383352]
R2 nimDNSResponder;NI mDNS Responder Service; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2014-06-06 320368]
R2 NINetworkDiscovery;NI Network Discovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2014-06-19 177536]
R2 nipxirmu;NI PXI Resource Manager; C:\Windows\SysWOW64\nipxism.exe [2014-01-09 20816]
R2 NiSvcLoc;NI Service Locator; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [2014-06-06 89928]
R2 NISystemWebServer;NI System Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [2014-06-10 57168]
R2 NITaggerService;National Instruments Variable Engine; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [2011-06-14 676016]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2014-01-23 1335344]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2014-01-23 856112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-15 267440]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-05-05 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 NILM License Manager;NI License Server; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2010-08-02 1427688]
S3 NiRioRpc;NI-RIO Server; C:\Windows\SysWOW64\NiRioRpc.exe [2014-07-30 39232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpcEnum;OpcEnum; C:\Windows\SysWOW64\Opcenum.exe [2013-05-21 172832]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 NIApplicationWebServer64;NI Application Web Server (64-bit); C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2014-06-10 80736]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Domino.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O20 - AppInit_DLLs:

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

[domino65]

Zatial bez zmeny. My start v prehliadacoch stale mam.

[Rudy]

Spusťte ještě toto:

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

[domino65]

Pomohlo to, Mystart z prehliadacov zmizol. Je teraz PC vycisteny od vsetkeho co tam nema byt, alebo je nutne este spravit nejake kroky?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8.1 x64
Ran by Domino on ne 26.10.2014 at 11:14:27,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2968753961-2178812533-3383425638-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pc1data"



~~~ FireFox

Successfully deleted the following from C:\Users\Domino\AppData\Roaming\mozilla\firefox\profiles\iooxqr6b.default-1401903420372\prefs.js

user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&t ... X63O3CUB0T");
user_pref("browser.search.defaultenginename", "mystartsearch");
user_pref("browser.search.selectedEngine", "mystartsearch");
user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5
user_pref("extensions.crossrider.bic", "149479e5e2559a619ac752f61ce2d32c");
Emptied folder: C:\Users\Domino\AppData\Roaming\mozilla\firefox\profiles\iooxqr6b.default-1401903420372\minidumps [85 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 26.10.2014 at 11:25:03,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Rudy]

Nějaké Mystart smazal. Změnilo se nyní něco?

[domino65]

Badam len to, ze zmizol Mystart. Inak PC bezi tak ako predtym, co je v poriadku. Bola by dobra este nejaka preventivna kontrola?

[Rudy]

Můžeme zkusit tento sken: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte.

[domino65]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.10.2014
Scan Time: 12:37:04
Logfile: Mlw Log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.26.02
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Domino

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 436233
Time Elapsed: 34 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\TheTorntv V10-nv, , [e2686aafa2daad89f3abe23fb54ea35d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\TotalPlus01-3.1V24.09-nv, , [54f61ffa9ede48eef2e669b757ac42be],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\TotalPlusHD-3.1V25.10-nv, , [a3a74fcafd7f44f2716769b7eb1802fe],
PUP.Optional.FastStart.A, HKU\S-1-5-21-2968753961-2178812533-3383425638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [99b129f06f0d6ec86254ed39a360f60a],

Registry Values: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-2968753961-2178812533-3383425638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [99b129f06f0d6ec86254ed39a360f60a]

Registry Data: 0
(No malicious items detected)

Folders: 21
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\userCode, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\icons, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\icons\actions, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\popupResource, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\userCode, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\icons, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\icons\actions, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\popupResource, , [ae9cc1586913b2844221d84343c0966a],

Files: 165
PUP.Optional.TornTV.A, C:\Users\Domino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk, , [b991a772d5a79c9af76a81a4a16259a7],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\background.html, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\chromeCoreFilesIndex.txt, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\manifest.json, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\popup.html, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\Settings.json, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\manifest.xml, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins.json, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\102.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\104.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\119.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\123.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\13.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\14.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\17.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\178.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\179.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\180.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\184.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\19.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\191.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\195.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\220.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\221.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\223.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\231.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\232.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\242.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\246.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\260.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\262.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\263.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\267.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\273.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\275.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\281.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\286.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\289.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\300.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\4.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\47.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\64.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\7.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\78.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\80.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\9.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\91.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\93.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\plugins\97.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\userCode\background.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\extensionData\userCode\extension.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\icons\icon128.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\icons\icon16.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\icons\icon48.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\icons\actions\1.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\0faa2a52b0abc7a98a4c6e1425adf80b.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\319bf53a4e8f9cb5b7e4d4b3c4590c79.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\main.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api\2d31b12486981f70168722abd43eac3e.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api\3f0bac98c223f6e433f45d74bfa8437e.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api\9fd4a626e2401e51374094b7e01a296f.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api\a167863fdc5fbefa38675c25cd50c773.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api\bcff470c7f6b47bfa666da3e1210c86e.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\api\pageAction.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\6ff603b2d0ac1b4a5c959aec7ad6d082.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\1dc1cc067ce3cf4654aad2d85c9bf273.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\2d4172815b0e2d5c548206f7141a4a9c.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\4b6fba514df73a21591b44c573ea82a4.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\4d74e25c1db257eff1abd33f1f826612.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\57652521f4f30bdb6ed2d94087ad7b38.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\576be0f0fa82b7bc773558497f5023c3.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\699958a09b76c7697b2808350e8f3693.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\6bc9cf0cd34117a0f7cd764938bdd864.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\77af202d89af2f1450553917f80f9083.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\915ea02b44d635e9b80f8429129ba766.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\app_api.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\d819b422c09c0a29471e11778ef42d66.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\e9ef8d7f8c0954b9ab99d36012d505db.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\efaf05d1a93d3f62a6cc4fb027dfbcec.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\installer.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\popupResource\newPopup.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.43_0\js\lib\popupResource\popup.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\background.html, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\chromeCoreFilesIndex.txt, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\manifest.json, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\popup.html, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\Settings.json, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\manifest.xml, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins.json, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\260.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\102.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\104.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\119.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\123.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\13.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\14.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\17.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\178.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\179.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\180.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\184.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\19.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\191.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\195.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\220.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\221.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\223.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\231.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\232.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\242.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\246.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\262.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\263.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\267.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\273.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\275.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\281.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\286.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\288.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\289.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\300.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\302.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\4.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\47.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\64.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\7.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\78.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\80.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\9.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\91.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\93.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\plugins\97.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\userCode\background.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\extensionData\userCode\extension.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\icons\icon128.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\icons\icon16.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\icons\icon48.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\icons\actions\1.png, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\886c6a45c8fe391ee56e21c5ce78191c.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\8d10acb652ccd993aca1a7344c5f170a.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\main.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api\6d678197182dff15a76742b0a50c42aa.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api\d296860e6f3816173677a43ba5c6178a.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api\f50250fc36286bee7c6208627a78726b.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api\f519e628c164f9c4bba6f0c3119bdabf.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api\fe59b52c2aa05a814dd9494194292e0f.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\api\pageAction.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\29ee914fbcd16d74946383f1a183a521.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\3101c5b1ad5e595ccb72386bf635c800.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\3358636773ef2e54fdf8fc39d1fe38b9.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\409edea134a10091526a7ac5c31eb22c.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\60897fc32f353f43a643125dc2a64210.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\7474d94383ab77c350e5729e080b8ad9.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\88dfc19fa6ef5fee0826b9308082480d.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\8f34d546924f64df88f236c697edf6e7.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\9cf97a386b5cd2a79901521a86ef887a.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\app_api.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\de82f697d935718429eff68ea5f99d35.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\e34b5fe38a3587842eb0f7f06be856d7.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\eb497dd11ce5c47b3de91adba08014cb.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\ed8fd56a6b4a6eca948940af0ea19e56.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\f0cb3ac6ffe8bfb672ac8c21419572e2.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\installer.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\popupResource\newPopup.js, , [ae9cc1586913b2844221d84343c0966a],
PUP.Optional.CrossRider.A, C:\Users\Domino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb\1.26.51_0\js\lib\popupResource\popup.js, , [ae9cc1586913b2844221d84343c0966a],

Physical Sectors: 0
(No malicious items detected)


(end)