Preventive check with a slight suspicion

Lothaire
Visitor
Posts: 24
Registered: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#16 Post by Lothaire »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Martin
->Temp folder emptied: 38952505 bytes
->Temporary Internet Files folder emptied: 13800301 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 86218493 bytes
->Google Chrome cache emptied: 440993160 bytes
->Flash cache emptied: 1537 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17002424 bytes
RecycleBin emptied: 25497744 bytes

Total Files Cleaned = 594,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Martin
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1410772076-1682251192-4122739941-1002Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1410772076-1682251192-4122739941-1002UA.job moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C9025ABC-81CC-492C-81D4-9DA87B28B4EE}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9025ABC-81CC-492C-81D4-9DA87B28B4EE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C9025ABC-81CC-492C-81D4-9DA87B28B4EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9025ABC-81CC-492C-81D4-9DA87B28B4EE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1410772076-1682251192-4122739941-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Stáhnout s Mipony\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Stáhnout s Mipony\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP58AF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCDBB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB3F9.tmp folder deleted successfully.
C:\WINDOWS\Inf\Oracle Data Provider for .NET\tmp93F8.tmp deleted successfully.
C:\WINDOWS\Inf\Oracle Data Provider for .NET\tmp9409.tmp deleted successfully.
C:\WINDOWS\Inf\Oracle Data Provider for .NET\0000\tmp93F8.tmp deleted successfully.
C:\WINDOWS\Inf\Oracle Data Provider for .NET\0005\tmp93F8.tmp deleted successfully.
C:\WINDOWS\Inf\Oracle Data Provider for .NET\0009\tmp93F8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8086.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI873F.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIB70F.tmp deleted successfully.
C:\WINDOWS\Installer\MSIF90E.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIFD65.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIFE12.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIFECF.tmp- folder deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\prettyPhoto\light_square\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\prettyPhoto\light_rounded\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\prettyPhoto\facebook\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\prettyPhoto\default\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\prettyPhoto\dark_square\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\prettyPhoto\dark_rounded\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\OLD\images\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\prettyPhoto\light_square\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\prettyPhoto\light_rounded\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\prettyPhoto\facebook\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\prettyPhoto\default\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\prettyPhoto\dark_square\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\prettyPhoto\dark_rounded\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\2. GRAFIKA\+SUUHK\SEZNAMOVÁK\SEZNAMOVÁK WEB\images\loader.gif:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\1. ŠKOLA\PSIT\Cisco\DIR příkaz - konfigurace switche skrz BOOT LOADER.PNG:ms-properties deleted successfully.
ADS C:\WINDOWS\Fonts\+KAMIKZOM.ttf:ms-properties deleted successfully.
ADS C:\WINDOWS\Fonts\+gunplay.ttf:ms-properties deleted successfully.
ADS C:\WINDOWS\Fonts\+3rd Man.otf:ms-properties deleted successfully.
ADS \Users\Martin\SkyDrive\Dokumenty\1. ŠKOLA\PGRF\Komprese projekt\c05_stepanek_martin\c05_stepanek_martin\src\c05_stepanek_martin\Img32Loader.java:ms-properties deleted successfully.
ADS C:\Users\Martin\SkyDrive:ms-properties deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10212014_185438

Files\Folders moved on Reboot...
File\Folder C:\Users\Martin\AppData\Local\Temp\etilqs_e6T9vHVR3UMMsnq not found!
File\Folder C:\Users\Martin\AppData\Local\Temp\etilqs_JMrCnA2NLcxGdLC not found!
File\Folder C:\Users\Martin\AppData\Local\Temp\etilqs_NvvmbKpelAGlkh9 not found!
C:\Users\Martin\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4 moved successfully.
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#17 Post by Márty84 »

:???: And the size of the desktop?

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus; it is a false alarm, so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK. After the cleanup the PC will restart.

:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. On the left there are many checkboxes. Pay particular attention to the Recycle Bin; if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the internet!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for problems; when it finds some, click Fix problems. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in those as well)

:arrow: Defragment the disk(s) (not SSD disks!)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Again watch out for the toolbar during installation.
After installation run the program and click Analyze; after the analysis click Defragment and the program will do its job.

:arrow: Then write how the PC is doing.

If you have a question that is not meant for the public, you can email me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an email address in their signature).

Lothaire
Visitor
Posts: 24
Registered: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#18 Post by Lothaire »

Oops, sorry, the desktop size is currently 505 MB, but that is only because I am temporarily keeping a few larger documents there; when I have tidied up, my desktop can easily be empty :)

Thanks a lot for the help so far! So I will clean everything up, run some stress test and definitely let you know :)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#19 Post by Márty84 »

Lothaire wrote: the desktop size is currently 505 MB, but that is only because I am temporarily keeping a few larger documents there; when I have tidied up, my desktop can easily be empty :)
Well, it doesn't have to be completely empty :D But it shouldn't be more than 200-300MB :)

No need for thanks yet; I'll be looking out for what I hope is good news ;-)

Lothaire
Visitor
Posts: 24
Registered: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#20 Post by Lothaire »

So after a longer while I'm getting back to you :)

I have mixed feelings about how the PC runs... At first, after the cleanup, I noticed a one hundred percent improvement; it flew. Over time, though, I started noticing two blemishes.

The first is the right-click menu... It doesn't matter which file/folder it is, and it doesn't matter whether I try it right after the PC starts or when it has been running for a while. Sometimes the menu appears literally instantly after right-clicking a file. And sometimes that blue circle spins in front of me for several seconds. The most I measured was 21 seconds. Not much more and I would be waiting half a minute for the right-click menu O.o

The other thing that worries me is when I start doing something more demanding (e.g. working in several programs at once - Photoshop, Dreamweaver, etc.). It seems to me that more demanding work gives it quite a hard time; overall it slows down, freezes, and even work inside a program is often not smooth. When I look at Task Manager, it often reports disk usage at 100%, so I'm not sure whether there might be a problem somewhere there. But it varies; I have been writing this post for about a week already... Sometimes I tell myself it runs fine and that I imagined it, so I don't send it; sometimes I'm p***ed off, so I start writing again... Well, and today it's about half and half, so I'm finally writing...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#21 Post by Márty84 »

Could you have caught something new again?

Post a new log from RSIT

Lothaire
Visitor
Posts: 24
Registered: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#22 Post by Lothaire »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2014-11-11 00:21:32
Microsoft Windows 8.1
System drive C: has 150 GB (17%) free of 905 GB
Total RAM: 8048 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:21:43, on 11. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GIGABYTEMOUSE] C:\Users\Martin\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11831 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {6384391a-6bf0-4917-a14c855b7634a4d5}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 22c864bf-d70c-4904-aedf-066685ed3627 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-57120237-fd75-4b03-84e0-5e6c2a12c978 -SystemEventPortName:HostProcess-12662410-ad50-4c80-91d6-368c42ec853c -IoCancelEventPortName:HostProcess-0fb2fd1d-e1e2-4d88-a665-79246579e6da -NonStateChangingEventPortName:HostProcess-5a3c9f50-4dca-4f05-86ee-cc3d17391e19 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6ec6f996-747a-44c7-81f8-89ba22269997 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskhostex.exe
taskeng.exe {DEE2CAF3-265A-4508-A5FE-4AB1A8C9C0D7}
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"dwm.exe"
taskhost.exe $(Arg0)
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5728.0.251430052\953820195" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.1.462407991\1333497760" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.2.1266091906\1033166191" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.3.348432568\233108257" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.4.1000749128\889061862" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.5.1751289922\1373214788" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.7.1464845354\784962574" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.9.2063511220\445057478" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.11.1471662031\1707704810" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.12.187085849\1663803116" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.20.1812138704\1823933083" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5728.21.1720291727\989819291" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.84.1823945948\2072643146" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.107.1948224829\1952056843" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.175.72619248\1172846757" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="5728.182.1317460863\1908079329" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe134_ Global\UsGthrCtrlFltPipeMssGthrPipe134 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 596 600 608 65536 604
"C:\Users\Martin\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@lastpass.com/NPLastPass]
"Description"=
"Path"=C:\Program Files (x86)\LastPass\nplastpass.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@lastpass.com/NPLastPass]
"Description"=
"Path"=C:\Program Files (x86)\LastPass\nplastpass64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0]
"Description"=Unity Player 4.5.4f2
"Path"=C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-20 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-30 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-02 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31 433944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-09-16 2334416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-20 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-02 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31 364824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-09-05 2872720]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-10-26 13213840]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-10-29 1234064]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2012-08-27 6334096]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-09-30 64640]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-12-05 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-12-05 191544]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-10-04 2800296]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2012-12-19 172168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2012-12-19 400008]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2012-12-19 441992]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 3091224]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"AdobeBridge"= []
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2014-10-27 3095840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-07-26 508656]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-02 4085896]
"GIGABYTEMOUSE"=C:\Users\Martin\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe [2013-10-14 1304576]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Logitech . Registrace produktu.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-12-13 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13 66328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DisableCAD"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2014-11-11 00:21:32 ----D---- C:\rsit
2014-11-09 19:58:12 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2014-11-09 19:58:04 ----D---- C:\WINDOWS\SYSWOW64\NV
2014-11-09 19:58:04 ----D---- C:\WINDOWS\system32\NV
2014-11-09 19:56:06 ----D---- C:\WINDOWS\LastGood
2014-11-09 19:53:33 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2014-11-09 19:53:33 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2014-11-09 19:53:33 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2014-11-09 19:53:33 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2014-11-09 19:53:33 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2014-11-09 19:53:33 ----A---- C:\WINDOWS\system32\nvopencl.dll
2014-11-09 19:53:33 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2014-11-09 19:53:32 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2014-11-09 19:53:32 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2014-11-09 19:53:32 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2014-11-09 19:53:32 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2014-11-09 19:53:32 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2014-11-09 19:53:31 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2014-11-09 19:53:31 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2014-11-09 19:53:31 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2014-11-09 19:53:31 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-11-09 19:53:31 ----A---- C:\WINDOWS\system32\nvdispgenco6434460.dll
2014-11-09 19:53:31 ----A---- C:\WINDOWS\system32\nvdispco6434460.dll
2014-11-09 19:53:31 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\system32\nvcuda.dll
2014-11-09 19:53:30 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2014-11-01 00:45:42 ----D---- C:\WINDOWS\LastGood.Tmp
2014-11-01 00:44:35 ----A---- C:\WINDOWS\system32\SET76C7.tmp
2014-11-01 00:44:35 ----A---- C:\WINDOWS\system32\SET69F4.tmp
2014-11-01 00:44:35 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2014-11-01 00:44:35 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2014-11-01 00:44:35 ----A---- C:\WINDOWS\system32\nvdispgenco6434448.dll
2014-11-01 00:44:35 ----A---- C:\WINDOWS\system32\nvdispco6434448.dll
2014-10-27 17:28:27 ----D---- C:\Users\Martin\AppData\Roaming\e-academy Inc
2014-10-26 20:20:37 ----D---- C:\ProgramData\ALM
2014-10-25 13:25:46 ----D---- C:\Program Files (x86)\Middle Earth Shadow of Mordor
2014-10-24 14:24:48 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2014-10-18 17:34:54 ----D---- C:\Program Files\trend micro
2014-10-18 14:18:35 ----D---- C:\Program Files (x86)\Font Xplorer
2014-10-17 13:00:19 ----D---- C:\ProgramData\Last.fm
2014-10-17 13:00:19 ----D---- C:\Program Files (x86)\Winamp
2014-10-17 12:58:33 ----D---- C:\Program Files (x86)\Last.fm
2014-10-16 11:51:47 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-16 11:51:47 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 11:51:44 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-16 11:51:03 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-16 11:51:03 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-16 11:51:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-16 11:50:34 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-16 11:50:34 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 20:25:31 ----D---- C:\Program Files\IHMC CmapTools
2014-10-15 14:29:51 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 14:28:00 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 14:27:32 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 14:27:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 14:27:31 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 14:27:30 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-15 14:27:30 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 14:26:50 ----A---- C:\WINDOWS\system32\authui.dll
2014-10-15 14:26:49 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-10-15 14:26:49 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-10-15 14:26:40 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 14:26:38 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 14:26:37 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-15 14:26:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-10-15 14:26:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-15 14:26:32 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-10-15 14:26:31 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 14:26:30 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 14:26:28 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 14:26:27 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-15 14:26:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-15 14:26:26 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-10-15 14:26:26 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-15 14:26:25 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-15 14:26:24 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-10-15 14:26:24 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-10-15 14:26:24 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-15 14:26:24 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 14:26:23 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-10-15 14:26:22 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2014-10-15 14:26:21 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-10-15 14:26:21 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 14:26:19 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 14:26:19 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 14:26:19 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-15 14:26:19 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-15 14:26:18 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 14:26:18 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 14:26:17 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-10-15 14:26:17 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 14:26:17 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-15 14:26:17 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-15 14:26:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 14:26:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 14:25:32 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-15 14:25:32 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 14:23:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 14:23:45 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-15 14:23:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 14:23:32 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 14:23:28 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-15 14:23:25 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-15 14:23:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 14:23:21 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 14:23:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-15 14:23:18 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-15 14:23:18 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 14:23:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-15 14:23:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 14:23:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-15 14:23:10 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 14:23:09 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-15 14:23:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 14:23:05 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 14:23:04 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 14:23:01 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-15 14:23:01 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-14 13:10:46 ----D---- C:\Program Files\Defraggler

======List of files/folders modified in the last 1 month======

2014-11-11 00:21:30 ----D---- C:\WINDOWS\Prefetch
2014-11-11 00:20:19 ----D---- C:\ProgramData\Origin
2014-11-11 00:20:01 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2014-11-11 00:02:04 ----D---- C:\WINDOWS\system32\sru
2014-11-10 22:27:55 ----D---- C:\WINDOWS\Temp
2014-11-10 20:28:56 ----D---- C:\Program Files (x86)\Origin
2014-11-10 17:02:37 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-10 13:44:21 ----RD---- C:\WINDOWS\System32
2014-11-10 13:44:21 ----D---- C:\WINDOWS\Inf
2014-11-10 13:44:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-10 10:24:27 ----HD---- C:\Program Files\WindowsApps
2014-11-10 10:24:22 ----D---- C:\WINDOWS\AppReadiness
2014-11-09 19:58:48 ----D---- C:\ProgramData\NVIDIA
2014-11-09 19:58:36 ----D---- C:\WINDOWS\SysWOW64
2014-11-09 19:58:34 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-09 19:56:08 ----D---- C:\WINDOWS\system32\drivers
2014-11-09 19:56:06 ----D---- C:\Windows
2014-11-09 19:55:56 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-09 10:19:14 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-11-07 21:35:52 ----D---- C:\Program Files (x86)\Steam
2014-11-07 17:18:22 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent
2014-11-07 15:10:53 ----SHD---- C:\System Volume Information
2014-11-03 00:12:51 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-11-02 19:43:01 ----D---- C:\Program Files (x86)\Gyazo
2014-11-02 18:43:56 ----D---- C:\WINDOWS\system32\Tasks
2014-11-01 00:48:33 ----SHD---- C:\WINDOWS\Installer
2014-11-01 00:48:32 ----SHD---- C:\Config.Msi
2014-10-31 17:50:16 ----D---- C:\ProgramData\SP_FT_Logs
2014-10-31 15:18:57 ----RD---- C:\Program Files (x86)
2014-10-31 15:14:52 ----D---- C:\Program Files (x86)\Encore
2014-10-31 12:32:11 ----SHD---- C:\WINDOWS\SYSWOW64\AI_RecycleBin
2014-10-31 12:32:11 ----SHD---- C:\$Recycle.Bin
2014-10-31 12:17:03 ----D---- C:\WINDOWS\system32\config
2014-10-30 22:40:10 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2014-10-30 05:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2014-10-30 05:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2014-10-30 05:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2014-10-30 05:53:26 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2014-10-30 05:53:26 ----A---- C:\WINDOWS\system32\nvinitx.dll
2014-10-30 05:53:26 ----A---- C:\WINDOWS\system32\nvapi64.dll
2014-10-30 03:10:36 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2014-10-30 03:10:36 ----A---- C:\WINDOWS\system32\nvcpl.dll
2014-10-30 03:10:34 ----A---- C:\WINDOWS\SYSWOW64\oemdspif.dll
2014-10-30 03:10:34 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2014-10-30 03:10:34 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2014-10-30 03:10:34 ----A---- C:\WINDOWS\system32\nvshext.dll
2014-10-30 03:10:34 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2014-10-30 03:10:34 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2014-10-30 03:10:33 ----A---- C:\WINDOWS\system32\nvmctray.dll
2014-10-28 14:39:46 ----D---- C:\Program Files (x86)\Battle.net
2014-10-26 20:27:30 ----D---- C:\Program Files\Common Files\Adobe
2014-10-26 20:26:14 ----D---- C:\Program Files (x86)\Adobe
2014-10-26 20:20:37 ----HD---- C:\ProgramData
2014-10-26 20:11:15 ----RSD---- C:\WINDOWS\Fonts
2014-10-26 20:05:35 ----D---- C:\ProgramData\Adobe
2014-10-26 19:02:26 ----D---- C:\Program Files\Adobe
2014-10-24 19:45:29 ----D---- C:\WINDOWS\WinSxS
2014-10-24 14:47:35 ----RSD---- C:\WINDOWS\assembly
2014-10-24 14:41:55 ----D---- C:\WINDOWS\Logs
2014-10-24 14:24:17 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2014-10-22 19:31:45 ----D---- C:\Users\Martin\AppData\Roaming\Webshare
2014-10-22 13:02:16 ----D---- C:\WINDOWS\SoftwareDistribution
2014-10-22 11:16:02 ----D---- C:\WINDOWS\debug
2014-10-22 09:34:54 ----D---- C:\WINDOWS\system32\FxsTmp
2014-10-22 09:33:29 ----D---- C:\Users\Martin\AppData\Roaming\VMware
2014-10-21 17:56:25 ----D---- C:\WINDOWS\Tasks
2014-10-21 17:56:06 ----D---- C:\WINDOWS\system32\drivers\etc
2014-10-20 05:03:38 ----D---- C:\ProgramData\Microsoft Help
2014-10-19 12:43:00 ----D---- C:\Program Files (x86)\Amazon
2014-10-19 09:39:04 ----D---- C:\WINDOWS\system32\MRT
2014-10-19 09:33:06 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-19 00:11:32 ----D---- C:\WINDOWS\system32\catroot2
2014-10-19 00:11:32 ----D---- C:\WINDOWS\system32\catroot
2014-10-18 17:34:54 ----D---- C:\Program Files
2014-10-18 10:11:26 ----D---- C:\WINDOWS\rescache
2014-10-18 09:13:06 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-18 09:13:06 ----D---- C:\WINDOWS\MediaViewer
2014-10-18 09:13:06 ----D---- C:\WINDOWS\FileManager
2014-10-18 09:13:06 ----D---- C:\WINDOWS\Camera
2014-10-16 17:54:03 ----A---- C:\WINDOWS\SYSWOW64\SETB02C.tmp
2014-10-16 17:54:03 ----A---- C:\WINDOWS\SYSWOW64\SETA356.tmp
2014-10-16 17:54:03 ----A---- C:\WINDOWS\SYSWOW64\SETA2F6.tmp
2014-10-16 17:54:03 ----A---- C:\WINDOWS\system32\SET7C58.tmp
2014-10-16 17:54:03 ----A---- C:\WINDOWS\system32\SET68D8.tmp
2014-10-16 17:54:03 ----A---- C:\WINDOWS\system32\SET522D.tmp
2014-10-16 13:01:10 ----D---- C:\WINDOWS\CbsTemp
2014-10-15 15:35:53 ----RD---- C:\WINDOWS\ToastData
2014-10-15 15:35:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-15 15:35:53 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-15 15:35:53 ----D---- C:\Program Files\Internet Explorer
2014-10-15 15:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 15:35:52 ----D---- C:\WINDOWS\WinStore
2014-10-15 14:30:53 ----A---- C:\WINDOWS\win.ini
2014-10-14 14:05:26 ----D---- C:\Program Files (x86)\WarThunder

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-08-02 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-08-02 224896]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-12-05 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-10-30 31560]
R0 PxHlpa64;PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-08-02 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-08-02 1041168]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-08-02 427360]
R1 dtsoftbus01;@oem67.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-01-02 283064]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-08-02 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-08-02 79184]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-08-02 92008]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2012-08-29 52376]
R3 ACPIVPC;@oem45.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-12-05 33560]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem47.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-09-30 178840]
R3 BTATH_RCP;@oem50.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-09-30 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem37.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-09-05 318800]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-12-13 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-10-30 4201104]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem61.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 LEqdUsb;@oem81.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2013-05-23 77592]
R3 LHidEqd;@oem82.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2013-05-23 13080]
R3 LHidFilt;@oem85.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2013-05-23 76568]
R3 MEIx64;@oem54.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-10-30 13189832]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem107.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 rtsuvc;@oem16.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2012-08-27 8227216]
S3 androidusb;@oem88.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 AthBTPort;@oem44.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-09-30 88728]
S3 BTATH_A2DP;@oem43.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-09-30 344216]
S3 btath_avdt;@oem43.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-09-30 114840]
S3 BTATH_LWFLT;@oem48.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-09-30 76952]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 intaud_WaveExtensible;@oem60.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 LGDDCDevice;LGDDCDevice; \??\C:\WINDOWS\system32\LGI2CDriver.sys []
S3 LGII2CDevice;LGII2CDevice; \??\C:\WINDOWS\system32\LGPII2CDriver.sys []
S3 pneteth;@oem56.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RSUSBVSTOR;@oem53.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-13 315536]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbser;@oem89.inf,%SERVICE%;USB RS-232 Emulation Driver; C:\WINDOWS\system32\DRIVERS\USBSER.sys [2013-08-22 33280]
S3 vmusb;@oem69.inf,%S_ServiceDisplayName%;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2012-08-29 37680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-02 50344]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-10-30 935232]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-06-04 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-10-30 411968]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-12-11 1050904]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-12-19 277640]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2014-07-09 107552]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 357144]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-11-07 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-30 220288]
S4 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-02 114288]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [2011-08-27 49152]
S4 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [2011-08-27 69632]
S4 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [2011-08-27 115773440]
S4 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [2011-08-27 12800]
S4 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000]
S4 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
S4 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-29 918168]
S4 vmware-view-usbd;VMware View USB; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2012-09-05 2433024]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#23 Post by Márty84 »

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait long for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Lothaire
Visitor
Posts: 24
Joined: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#24 Post by Lothaire »

# AdwCleaner v4.101 - Report created 11/11/2014 at 18:22:52
# Updated 09/11/2014 by Xplode
# Database : 2014-11-10.9 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Martin - CHECKPOINT
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Martin\AppData\Local\CrashRpt

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKCU\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 cs)


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R1].txt - [1157 octets] - [11/11/2014 18:18:19]
AdwCleaner[S1].txt - [1039 octets] - [11/11/2014 18:22:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1099 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#25 Post by Márty84 »

:arrow: Run a scan with MBAM. Configure the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes gives false detections.

Lothaire
Visitor
Posts: 24
Joined: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#26 Post by Lothaire »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19. 11. 2014
Čas skenování: 10:29:17
Protokol: log.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.11.19.03
Databáze rootkitů: v2014.11.18.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 772937
Uplynulý čas: 7 hod, 11 min, 0 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 15
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [4d52cf6e2d4f9a9c4cdcc65b45be05fb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [4d52cf6e2d4f9a9c4cdcc65b45be05fb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [4d52cf6e2d4f9a9c4cdcc65b45be05fb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [4d52cf6e2d4f9a9c4cdcc65b45be05fb],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{88EA108C-EE01-43A8-9A7F-E6E45030BECA}, , [4d52cf6e2d4f9a9c4cdcc65b45be05fb],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\locale, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\locale\en-US, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor, , [4e514df0acd037ff430972c4b64dbb45],

Soubory: 48
CrackTool.Agent, C:\$Recycle.Bin\S-1-5-21-1410772076-1682251192-4122739941-1002\$RIEHCT2.exe, , [2877d964d5a752e49b1fd366827f8b75],
RiskWare.Tool.CK, C:\$Recycle.Bin\S-1-5-21-1410772076-1682251192-4122739941-1002\$RBILDJ8\Office 2007 - Enterprise - CZ\Crack-Serial\kegen.rar, , [059a36078defbc7a5064d25c976b817f],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll, , [07982914215bb6800e76f7686c9644bc],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\amtlib.dll, , [346bdb62ef8dcd69afd463fc5da510f0],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\amtlib.dll, , [306ff944f488b086186b045b54ae847c],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Flash CS6\amtlib.dll, , [564991ac7ffd7eb80182560961a1669a],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll, , [920df14c611b86b0ec97d38cff032ad6],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll, , [08972d10027a22144142134cff0317e9],
PUP.Optional.PodoWeb.A, C:\Program Files (x86)\PodoWeb\updatePodoWeb(178).exe, , [a1fedc61e09c1521afce941f1ee3827e],
PUP.Optional.PodoWeb.A, C:\Program Files (x86)\PodoWeb\bin\utilPodoWeb(179).exe, , [f4abb984324a1125a7d6a90a8180639d],
VirTool.Obfuscator, C:\Program Files (x86)\Saints Row IV\steam_api.dll, , [227dcb724438ee48b95141f80ff29b65],
Trojan.VirTool, C:\Program Files (x86)\The Elder Scrolls V Skyrim\steam_api.dll, , [f5aa57e629538ea842c77c0cf30f5fa1],
Trojan.Onlinegames, C:\Program Files (x86)\The Sims 4\Game\Bin\3dmgame.dll, , [554aeb52611ba69043958d2458aaca36],
PUP.GameHack, C:\Program Files (x86)\The Sims 4\Game\Bin\is-AK56V.tmp, , [bce39ca1b6c6a78ff43d436d8f7318e8],
PUP.RiskwareTool.CK, C:\Users\Martin\Documents\4. PROGRAMY\Adobe CS6\amtlib.dll\32-bit\amtlib.dll, , [b6e90e2f6715ab8b8af9213ee919966a],
PUP.RiskwareTool.CK, C:\Users\Martin\Documents\4. PROGRAMY\Adobe CS6\amtlib.dll\64-bit\amtlib.dll, , [3d620c315e1ed26486fe7ae5a85a659b],
PUP.Optional.WinToFlashSuggestor.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi, , [efb0ca73b3c9b284afc580b644bfd828],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\install.rdf, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\background.html, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\browser.xul, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\ffCoreFilesIndex.txt, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\options.xul, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\search_dialog.xul, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\manifest.xml, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins.json, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\locale\en-US\translations.dtd, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button1.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button2.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button3.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button4.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button5.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\crossrider_statusbar.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon128.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon16.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon24.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon48.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\panelarrow-up.png, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\popup.html, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\skin.css, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7vni0jbm.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\update.css, , [a9f60d301666fe3879987abb6b98916f],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid\1293297481.mxaddon, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid\c48fe4d2-e847-4f6c-a6df-af50db53d192.crx, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid\c48fe4d2-e847-4f6c-a6df-af50db53d192.xpi, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid\background.html, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid\bb15f112-afbf-484f-91c5-c02a471aaff2.crx, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.AppLid.A, C:\Program Files (x86)\App Lid\bgNova.html, , [485758e5a3d97abcad657bba19ea9769],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\icon.png, , [4e514df0acd037ff430972c4b64dbb45],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx, , [4e514df0acd037ff430972c4b64dbb45],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#27 Post by Márty84 »

Oh well, cracks. Is there any point in cleaning it when you voluntarily infest it again right away by downloading junk? :twisted:

Lothaire
Visitor
Posts: 24
Joined: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#28 Post by Lothaire »

I understand your indignation. What I care about now is rather whether there is some way to tell if something really is wrong with the disk, or with the hardware in general. Next year the notebook will slowly be heading toward the end of its warranty period, so I would not like it to suddenly die once the warranty is over.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check with a slight suspicion

#29 Post by Márty84 »

The disk is definitely reporting errors, but a complete format might fix that. It is hard to guess like this.

Put those MBAM findings into quarantine and run a new scan after restarting the PC. We need to find out whether it comes back. Post the scan result again.

Lothaire
Visitor
Posts: 24
Joined: 17 Dec 2009 21:20

Re: Preventive check with a slight suspicion

#30 Post by Lothaire »

After the restart, the scan ran without a single finding.

Locked