
Request for a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

valdoDK
Visitor
Posts: 64
Registered: 17 Sep 2007 18:36

Request for a preventive check

#1 Post by valdoDK »

Hello,

I try to keep my PC clean, but I think I slipped up and something got in after all, so I would like to ask for a check. Thanks in advance for your time and help :)

RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by MrVopi at 2015-02-10 10:23:08
Microsoft Windows 8.1 Pro
System drive C: has 20 GB (9%) free of 234 GB
Total RAM: 16323 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:23:09, on 10.2.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
F:\PROGRAMS\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\spotify.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\MrVopi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [vmware-tray.exe] "F:\PROGRAMS\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\MrVopi\AppData\Local\Apps\2.0\CLVDC6VR.7X7\P9TMOPRK.L2A\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe
O4 - HKCU\..\Run: [Arvo] "C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Telegram.lnk = C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem88.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\DellTPad\HidMonitorSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: Dell Management Agent Service (DellMgmtAgent) - Dell Inc. - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
O23 - Service: Dell Security Framework Loader (DellMgmtLoader) - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
O23 - Service: DELL Security Framework Local Server (DellMgmtServer) - Dell, Inc. - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
O23 - Service: DisplayFusionService - Binary Fortress Software - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
O23 - Service: @C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe,-200 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate1d0204366a1e017) (gupdate1d0204366a1e017) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem1d0204366a2a326) (gupdatem1d0204366a2a326) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Invincea Enterprise Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: KMS Server Service (KMSServerService) - My Digital Life Forums - C:\WINDOWS\KMSServerService\KMS Server Service.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\WINDOWS\system32\nvwmi64.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\System32\drivers\o2flash.exe (file missing)
O23 - Service: O2SDIOAssist - Unknown owner - C:\WINDOWS\SysWOW64\srvany.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Dell PPO Service (poaService) - Dell Inc. - C:\Program Files\Dell\PPO\poaService.exe
O23 - Service: Dell PPO System Maintenance Service (PoaSMSrv) - Dell Inc. - C:\Program Files\Dell\PPO\poaSmSrv.exe
O23 - Service: Dell PPO Track & Analyze Service (poaTaServ) - Dell Inc. - C:\Program Files\Dell\PPO\poaTaServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SboxSvc - Unknown owner - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Security Innovation TCS (tcsd_win32.exe) - Security Innovation, Inc. - C:\Program Files\Dell\Dell Data Protection\TSS\bin\tcsd_win32.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - F:\PROGRAMS\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - F:\PROGRAMS\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19765 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\WINDOWS\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\nvwmi64.exe -spawnprovider
"C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DPCardEngine.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-acdf1f0d-9f71-4b42-9006-ea0ffd4a290c -SystemEventPortName:HostProcess-84145379-fe37-474b-a1b2-428c958b6203 -IoCancelEventPortName:HostProcess-b2e945d2-9a5a-42cc-9e9c-7742027aca7e -NonStateChangingEventPortName:HostProcess-0ba732e1-6194-4405-913b-2e4e028090da -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:89e882a0-39ff-4b55-9b15-9ce735578d72 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\DellTPad\HidMonitorSvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\AdminService.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{B959A4AA-04FF-41D7-B2E3-DFF1787B9AD5}
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe"
"C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe"
dashost.exe {23243e8c-dc55-4bf2-b37f4cbe67825f29}
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\WINDOWS\KMSServerService\KMS Server Service.exe"
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
C:\WINDOWS\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\srvany.exe
C:\WINDOWS\sysWOW64\SDIOAssist.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\PnkBstrA.exe
"C:\Program Files\Dell\PPO\poaService.exe"
"C:\Program Files\Dell\PPO\poaSmSrv.exe"
"C:\Program Files\Dell\PPO\poaTaServ.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\WINDOWS\SysWOW64\vmnat.exe
"F:\PROGRAMS\VMware\VMware Workstation\vmware-authd.exe"
C:\WINDOWS\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe"
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"F:\PROGRAMS\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
"C:\Program Files\DellTPad\Apoint.exe"
taskhostex.exe
"C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DPAgent.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-757103ed-f2b7-4c8e-a6d7-3058bd766fea -SystemEventPortName:HostProcess-e1eaa3c7-88e3-4d48-85e7-202bd2f0435a -IoCancelEventPortName:HostProcess-5f32ace7-293c-4f8a-86ef-edc0b41065e9 -NonStateChangingEventPortName:HostProcess-014a193b-647b-494f-8352-70a6dec7f062 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cdf66394-22a1-416a-b338-9a26a8d6ece6 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\msdtc.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" /s
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe" showtraymin
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
KHALMNPR.EXE /API
"C:\Program Files\Dell\PPO\DellPoaEvents.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll",StartFences
"C:\Users\MrVopi\AppData\Local\Apps\2.0\CLVDC6VR.7X7\P9TMOPRK.L2A\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE"
"C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
"C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe" "7600" "67044" "131888" "196816" "196784" "a13758c3-f9e5-4205-9743-c6da304e4b2b" "C:\Program Files (x86)\DisplayFusion\Hooks\AppHookWIN6032_784B6198-E6F2-46B7-B865-1BFF55A106A1.dll" "Software\Binary Fortress Software\DisplayFusion" "Software\Binary Fortress Software\DisplayFusion\Session" "0" "7"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe" "7600" "67044" "131888" "196816" "196784" "a13758c3-f9e5-4205-9743-c6da304e4b2b" "C:\Program Files (x86)\DisplayFusion\Hooks\AppHookWIN6064_575848B4-C7A1-4DBC-BD0F-0053E4269D8E.dll" "Software\Binary Fortress Software\DisplayFusion" "Software\Binary Fortress Software\DisplayFusion\Session" "1" "7"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6520.0.789156333\1607494597" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39,47 --gpu-vendor-id=0x10de --gpu-device-id=0x11fc --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4084 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=ChromeSuggestions/Default/DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.1.986694486\1876397301" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.3.1101360637\1703269025" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.4.1423047077\1189185573" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.5.480647447\519287211" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.6.2099780342\321116569" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.7.1664253743\1662312281" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials=BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.9.1921576325\1111913536" /prefetch:673131151
"C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe"
"C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe" -autostart

"C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"F:\PROGRAMS\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.10.1115121501\138811681" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.11.1465518313\2102939534" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.12.106105537\1292753896" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.13.1553986976\446109" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --lang=sk --channel="6520.14.1996218360\465962130" /prefetch:-390060480
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\System32\drivers\o2flash.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Users\MrVopi\AppData\Roaming\Spotify\spotify.exe"
"C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="9164.0.1392780176\321964421" /prefetch:673131151
"C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="9164.1.1747855075\1728115210" /prefetch:673131151
"C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="9164.2.1239002017\1227079993" /prefetch:673131151
"C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="9164.3.1789568758\833958759" /prefetch:673131151
"C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="9164.4.1142686926\11141036" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x11fc --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4084 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJune2016/Warning/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6520.29.286486143\1672373193" /prefetch:673131151
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\MrVopi\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf8a17f3a7596a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cfecbebe64cb76.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cffea78aac9ce8.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0204366ad4780.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\WebReg .job - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe ""

=========Mozilla firefox=========

ProfilePath - C:\Users\MrVopi\AppData\Roaming\Mozilla\Firefox\Profiles\ex9e3zk6.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@verimatrix.com/ViewRightWeb]
"Description"=Verimatrix ViewRightWeb
"Path"=C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\ChromeExt\components\npChromeDPAgent.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-01-26 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31 433944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-26 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-01-26 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-30 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31 364824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-26 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-30 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21 141192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-20 7202520]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-07-29 1321688]
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-07-29 1321688]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2014-03-13 727896]
"CSFTrayApp"=C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe [2013-10-09 230752]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2013-02-14 4144944]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 3091224]
"DellPoaEvents"=C:\Program Files\Dell\PPO\DellPoaEvents.exe [2014-08-15 396496]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"Fences"=C:\Program Files (x86)\Stardock\Fences\Fences.exe [2014-05-22 3993744]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-09 2404296]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-08-09 1283136]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2014-09-12 2727568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSystemDetect"=C:\Users\MrVopi\AppData\Local\Apps\2.0\CLVDC6VR.7X7\P9TMOPRK.L2A\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe [2014-03-14 253952]
"Arvo"=C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE [2010-04-01 582144]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"AdobeBridge"= []
"DisplayFusion"=C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [2014-06-18 8718176]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-10-17 43816]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-10-20 43816]
"Spotify Web Helper"=C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-12-16 1676344]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2013-12-21 3478392]
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"vmware-tray.exe"=F:\PROGRAMS\VMware\VMware Workstation\vmware-tray.exe [2014-11-20 114368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Telegram.lnk - C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2012-08-17 2307944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2014-05-22 521872]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-10 10:09:40 ----D---- C:\rsit
2015-02-09 19:42:03 ----A---- C:\WINDOWS\SYSWOW64\vp6vfw.dll
2015-02-01 18:28:43 ----A---- C:\WINDOWS\SYSWOW64\vsocklib.dll
2015-02-01 18:28:43 ----A---- C:\WINDOWS\system32\vsocklib.dll
2015-02-01 18:28:43 ----A---- C:\WINDOWS\system32\drivers\vsock.sys
2015-02-01 18:28:42 ----A---- C:\WINDOWS\system32\drivers\vmx86.sys
2015-02-01 18:28:42 ----A---- C:\WINDOWS\system32\drivers\VMparport.sys
2015-02-01 18:28:19 ----A---- C:\WINDOWS\SYSWOW64\vmnetdhcp.exe
2015-02-01 18:28:19 ----A---- C:\WINDOWS\SYSWOW64\vmnat.exe
2015-02-01 18:28:19 ----A---- C:\WINDOWS\system32\drivers\vmnetuserif.sys
2015-02-01 18:28:15 ----A---- C:\WINDOWS\system32\vnetlib64.dll
2015-02-01 18:28:12 ----A---- C:\WINDOWS\system32\drivers\hcmon.sys
2015-02-01 18:28:05 ----D---- C:\Program Files\Common Files\VMware
2015-02-01 18:27:50 ----D---- C:\Program Files (x86)\VMware
2015-01-25 19:22:07 ----D---- C:\ProgramData\Reflector
2015-01-25 19:22:07 ----D---- C:\ProgramData\Reflection
2015-01-25 19:21:44 ----D---- C:\Program Files\Reflector
2015-01-17 10:16:43 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2015-01-17 10:16:42 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2015-01-15 02:18:35 ----D---- C:\Program Files (x86)\NirSoft
2015-01-14 19:12:42 ----RHD---- C:\Users\MrVopi\AppData\Roaming\SecuROM
2015-01-14 13:38:22 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-01-14 12:37:52 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2015-01-14 12:37:52 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\wer.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\Faultrep.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\EncDump.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\ci.dll
2015-01-14 12:37:52 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll

======List of files/folders modified in the last 1 month======

2015-02-10 10:23:08 ----D---- C:\Program Files\trend micro
2015-02-10 10:21:39 ----D---- C:\WINDOWS\Temp
2015-02-10 10:19:13 ----RD---- C:\WINDOWS\System32
2015-02-10 10:19:13 ----D---- C:\WINDOWS\Inf
2015-02-10 10:19:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-10 10:18:50 ----D---- C:\Users\MrVopi\AppData\Roaming\Spotify
2015-02-10 10:15:26 ----D---- C:\WINDOWS\Prefetch
2015-02-10 10:14:53 ----D---- C:\WINDOWS\Registration
2015-02-10 10:14:01 ----D---- C:\ProgramData\VMware
2015-02-10 10:13:59 ----D---- C:\ProgramData\NVIDIA
2015-02-10 10:02:41 ----D---- C:\WINDOWS\system32\sru
2015-02-09 22:55:00 ----D---- C:\ProgramData\Origin
2015-02-09 19:42:03 ----D---- C:\WINDOWS\SysWOW64
2015-02-09 19:42:02 ----SHD---- C:\WINDOWS\Installer
2015-02-09 19:42:02 ----HD---- C:\Config.Msi
2015-02-09 19:42:01 ----D---- C:\ProgramData\Package Cache
2015-02-09 19:42:00 ----SHD---- C:\System Volume Information
2015-02-09 19:31:22 ----D---- C:\Program Files (x86)\Origin
2015-02-09 17:35:43 ----D---- C:\WINDOWS\system32\Tasks
2015-02-09 17:15:39 ----D---- C:\WINDOWS\system32\wdi
2015-02-09 11:40:39 ----D---- C:\Users\MrVopi\AppData\Roaming\vlc
2015-02-09 11:01:04 ----D---- C:\WINDOWS\system32\drivers
2015-02-09 10:23:17 ----D---- C:\WINDOWS\Microsoft.NET
2015-02-08 12:10:55 ----RD---- C:\Program Files (x86)
2015-02-08 12:10:55 ----D---- C:\WINDOWS\Tasks
2015-02-07 20:49:14 ----D---- C:\WINDOWS\SoftwareDistribution
2015-02-07 19:24:50 ----D---- C:\Windows
2015-02-07 19:24:43 ----D---- C:\Users\MrVopi\AppData\Roaming\foobar2000
2015-02-07 18:58:26 ----D---- C:\Users\MrVopi\AppData\Roaming\DAEMON Tools Pro
2015-02-07 18:58:26 ----D---- C:\Program Files (x86)\Steam
2015-02-07 18:58:07 ----D---- C:\WINDOWS\Logs
2015-02-07 18:58:07 ----D---- C:\WINDOWS\debug
2015-02-07 18:37:37 ----HD---- C:\Program Files\WindowsApps
2015-02-07 18:37:37 ----D---- C:\WINDOWS\AppReadiness
2015-02-07 18:24:21 ----D---- C:\Program Files\CCleaner
2015-02-07 12:51:27 ----D---- C:\WINDOWS\system32\config
2015-02-07 12:47:53 ----D---- C:\WINDOWS\WinSxS
2015-02-07 12:47:53 ----D---- C:\WINDOWS\CbsTemp
2015-02-06 19:36:50 ----D---- C:\Program Files (x86)\Battle.net
2015-02-05 18:59:14 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2015-02-03 20:31:19 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-02-02 18:25:56 ----D---- C:\Users\MrVopi\AppData\Roaming\BitLord
2015-02-02 18:25:45 ----A---- C:\Users\MrVopi\AppData\Roaming\bitlord_log.txt
2015-02-01 20:07:05 ----D---- C:\Users\MrVopi\AppData\Roaming\VMware
2015-02-01 18:28:43 ----D---- C:\WINDOWS\system32\DriverStore
2015-02-01 18:28:05 ----D---- C:\Program Files\Common Files
2015-02-01 18:28:05 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2015-02-01 18:27:59 ----D---- C:\WINDOWS\SYSWOW64\drivers
2015-02-01 18:27:50 ----D---- C:\Program Files (x86)\Common Files
2015-01-30 14:39:31 ----D---- C:\Program Files (x86)\Hearthstone
2015-01-29 13:06:17 ----D---- C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)
2015-01-27 17:18:11 ----D---- C:\Users\MrVopi\AppData\Roaming\Skype
2015-01-26 15:44:29 ----D---- C:\Program Files\Microsoft Office 15
2015-01-25 19:22:07 ----HD---- C:\ProgramData
2015-01-25 19:21:44 ----RD---- C:\Program Files
2015-01-17 10:17:03 ----D---- C:\WINDOWS\system32\catroot2
2015-01-15 17:32:02 ----D---- C:\Users\MrVopi\AppData\Roaming\TS3Client
2015-01-15 17:09:14 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-01-14 13:49:51 ----D---- C:\WINDOWS\system32\MRT
2015-01-14 13:47:15 ----A---- C:\WINDOWS\system32\MRT.exe
2015-01-13 18:12:08 ----D---- C:\Users\MrVopi\AppData\Roaming\FileZilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CredFltL;CredFltL; C:\WINDOWS\system32\DRIVERS\CredFltL.sys [2013-10-09 34048]
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-04-10 183016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 dtsoftbus01;@oem62.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-03-03 283200]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-02-05 217000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-02-05 153200]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-02-05 141304]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2014-11-18 55488]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 ApfiltrService;@oem88.inf,%Filter.SvcDesc%;Alps Touch Pad Filter Driver for Windows x64; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2014-04-04 560944]
R3 ArvoFltr;@oem8.inf,%SvcDispName%;ROCCAT Arvo; C:\WINDOWS\system32\drivers\ArvoFltr.sys [2009-05-06 15872]
R3 athr;@oem5.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athrx.sys [2013-02-19 3868160]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2014-10-08 131328]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\System32\drivers\BthHfAud.sys [2014-10-08 32768]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 cvusbdrv;@oem27.inf,%cvusbdrv.SvcDesc%;Dell ControlVault; C:\WINDOWS\System32\Drivers\cvusbdrv.sys [2013-08-22 47752]
R3 DDDriver;DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [2014-08-14 23760]
R3 DellProf;DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [2013-04-29 23312]
R3 DellRbtn;@oem16.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 e1dexpress;@oem89.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d64x64.sys [2014-06-12 459544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTDVHD64.sys [2013-08-27 2261464]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-12 99288]
R3 NVHDA;@oem93.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-09-12 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-09-12 12882064]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-08-09 21448]
R3 nvvad_WaveExtensible;@oem83.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 O2FJ2RDR;O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2w8x64.sys [2014-05-14 210616]
R3 POADrvr;POADrvr; C:\WINDOWS\system32\drivers\POADrvr.sys [2013-07-19 21264]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 ST_ACCEL;@oem91.inf,%ST_Accel.SVCDESC%;STMicroelectronics Accelerometer Service; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [2013-08-05 93432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 cpuz137;cpuz137; \??\C:\WINDOWS\TEMP\cpuz137\cpuz137_x64.sys []
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 FTDIBUS;@oem38.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2014-09-10 98160]
S3 FTSER2K;@oem86.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2014-09-10 79872]
S3 GPUZ;GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys []
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2007-07-16 20504]
S3 InvProtectDrv;InvProtectDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [2013-07-30 34824]
S3 JabraDFU;@oem53.inf,%JabraDFU.SvcDesc%;Jabra Bluecore headset DFU driver; C:\WINDOWS\System32\Drivers\JabraMobileCsrDfuX64.sys [2013-12-20 38768]
S3 LEqdUsb;@oem46.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2013-05-23 77592]
S3 LHidEqd;@oem47.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2013-05-23 13080]
S3 LHidFilt;@oem49.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2013-05-23 76568]
S3 LMouFilt;@oem52.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2013-05-23 59160]
S3 SboxDrv;SboxDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [2013-07-30 202248]
S3 taphss;@oem59.inf,%DeviceDescription%;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-05-13 37888]
S3 taphss6;@oem61.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2014-01-14 42184]
S4 RAMDiskVE;@oem54.inf,%ramdiskve.ServiceName%;RAMDiskVE; C:\WINDOWS\System32\Drivers\RAMDiskVE.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 ApHidMonitorService;@oem88.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service; C:\Program Files\DellTPad\HidMonitorSvc.exe [2014-03-27 87384]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2012-08-30 208384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-11-12 2449592]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2013-08-22 1044872]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2013-08-22 37768]
R2 dcpsysmgrsvc;Dell System Manager Service; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-07-28 519536]
R2 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service; C:\WINDOWS\SysWOW64\dllhost.exe [2014-10-29 17216]
R2 DellMgmtAgent;Dell Management Agent Service; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [2013-10-09 247136]
R2 DellMgmtLoader;Dell Security Framework Loader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [2013-10-09 26464]
R2 DisplayFusionService;DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2014-06-18 5179760]
R2 DpHost;@C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe,-200; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [2013-08-28 472400]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2013-02-14 1020304]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-12 169432]
R2 KMSServerService;KMS Server Service; C:\WINDOWS\KMSServerService\KMS Server Service.exe [2013-11-07 249856]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-12 390616]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-08-09 1721800]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-08-09 18974152]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-09-12 932040]
R2 NVWMI;NVIDIA WMI Provider; C:\WINDOWS\system32\nvwmi64.exe [2014-09-12 2693448]
R2 O2FLASH;O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [2014-03-07 65536]
R2 O2SDIOAssist;O2SDIOAssist; C:\WINDOWS\SysWOW64\srvany.exe [2012-03-09 8192]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-09-12 76152]
R2 poaService;Dell PPO Service; C:\Program Files\Dell\PPO\poaService.exe [2014-08-15 721104]
R2 PoaSMSrv;Dell PPO System Maintenance Service; C:\Program Files\Dell\PPO\poaSmSrv.exe [2014-08-15 312016]
R2 poaTaServ;Dell PPO Track & Analyze Service; C:\Program Files\Dell\PPO\poaTaServ.exe [2014-08-16 645328]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-06-19 246488]
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-03-20 142960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-12 410768]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 DellMgmtServer;DELL Security Framework Local Server; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [2013-10-09 33632]
S2 gupdate1d0204366a1e017;Služba Google Update (gupdate1d0204366a1e017); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-25 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 tcsd_win32.exe;Security Innovation TCS; C:\Program Files\Dell\Dell Data Protection\TSS\bin\tcsd_win32.exe [2012-12-10 1636352]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2013-02-14 40888]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2013-02-14 190208]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2014-02-28 520416]
S3 gupdatem1d0204366a2a326;Služba Google Update (gupdatem1d0204366a2a326); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-25 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 InvProtectSvc;Invincea Enterprise Service; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2013-07-30 2947856]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 357144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-22 114800]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-01 1910128]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 SboxSvc;SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [2013-07-30 124616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-19 834752]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2014-08-14 2542288]
S4 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2014-08-14 199888]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a preventive check

#2 Post by altrok »

Hello,

→ How did you get the license for ESET Endpoint Antivirus?

→ Install MBAM and run a custom scan of all drives - http://forum.viry.cz/viewtopic.php?f=29&t=137928
  • Note: this scan takes from 30 minutes up to several hours
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not suit the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Re: Requesting a preventive check

#3 Post by valdoDK »

Hello,

I have a proper legal version of ESET Endpoint Antivirus - a company license :)
I did expect Photoshop and VMware to pop up; I try to buy my programs and games, but for some things a student is unfortunately short of money :)

I am attaching the Malwarebytes log:
-----------------------------------------
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.2.2015
Cas skenování: 17:13:13
Protokol: MA-sken.txt
Správce: Ne

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.11.05
Databáze rootkitu: v2015.02.03.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: MrVopi

Typ skenu: Vlastní sken
Výsledek: Dokonceno
Prohledaných objektu: 1262748
Uplynulý cas: 1 hod, 1 min, 48 sek

Pamet: Zapnuto
Po spuštení: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjišteny položek)

Moduly: 0
(Žádné zákerné zjišteny položek)

Klíce registru: 0
(Žádné zákerné zjišteny položek)

Hodnoty registru: 0
(Žádné zákerné zjišteny položek)

Data registru: 0
(Žádné zákerné zjišteny položek)

Složky: 2
PUP.Optional.OpenCandy, C:\Users\MrVopi\AppData\Roaming\OpenCandy, , [39f85ebfb6d4f1450d96440db64d60a0],
PUP.Optional.OpenCandy, C:\Users\MrVopi\AppData\Roaming\OpenCandy\6A20DCD991F64644862D50BAF7632751, , [39f85ebfb6d4f1450d96440db64d60a0],

Soubory: 5
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll, , [2e03bb6262285dd9170f1589bd45f50b],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, , [e9489f7e98f2aa8c50d6831b5fa37c84],
PUP.RiskwareTool.CK, G:\PROGRAMS\Adobe Photoshop CS6 13.0 Final Multilanguage\patch - PainteR\adobe.photoshop.cs6-patch.exe, , [ac85dc411c6e9d9916b0a1263ec2f808],
RiskWare.Tool.CK, G:\PROGRAMS\VMware.Workstation.v10.0.0.1295980.Incl.Keymaker-ZWT\keygen\keygen.exe, , [45ec61bc454547ef27a9687256ab23dd],
PUP.Optional.OpenCandy, C:\Users\MrVopi\AppData\Roaming\OpenCandy\6A20DCD991F64644862D50BAF7632751\AVG-PC-TuneUp2014-cz-CZ-p4v1.exe, , [39f85ebfb6d4f1450d96440db64d60a0],

Fyzické sektory: 0
(Žádné zákerné zjišteny položek)


(end)

Re: Requesting a preventive check

#4 Post by altrok »

→ Delete OpenCandy; as for the cracks, I will leave that to you... I recommend cutting down on them a lot or stopping altogether... a recent crack for Office contained a crypto-virus (ransomware - it encrypts all files on the disk) and similar fun.

→ As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

→ Save AdwCleaner to the desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

Re: Requesting a preventive check

#5 Post by valdoDK »

I kept only the crack for Photoshop, everything else I had deleted :) PS is my hobby and unfortunately it is quite expensive to buy normally, but of course I am trying to cut down and to buy software and games :)

Here is the AdwCleaner log:
-----------------------------------------------
# AdwCleaner v4.110 - Logfile created 11/02/2015 at 20:43:49
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : MrVopi - A04-0312A
# Running from : C:\Users\MrVopi\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\MrVopi\AppData\Local\CrashRpt
Folder Deleted : C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Folder Deleted : C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 cs)


-\\ Google Chrome v40.0.2214.111


-\\ Chromium v


*************************

AdwCleaner[R1].txt - [1506 bytes] - [15/09/2014 20:35:57]
AdwCleaner[R2].txt - [1298 bytes] - [11/02/2015 20:42:30]
AdwCleaner[S1].txt - [1500 bytes] - [15/09/2014 20:36:41]
AdwCleaner[S2].txt - [1233 bytes] - [11/02/2015 20:43:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1292 bytes] ##########

Re: Requesting a preventive check

#6 Post by altrok »

→ Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Requesting a preventive check

#7 Post by valdoDK »

Unfortunately it keeps showing me a message that FRST is not on the desktop; running it via the Desktop folder did not help either.. :(

Re: Requesting a preventive check

#8 Post by altrok »

Then just run FRST64.exe on its own - post both logs

Re: Requesting a preventive check

#9 Post by valdoDK »

I did not manage to reply yesterday, even though we ran into each other here so nicely. In the end I managed to run FRSTLauncher normally; the problem was between the PC and the chair :)

So I am attaching the FRST log, with Addition as an attachment:
------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 02
Ran by MrVopi (administrator) on A04-0312A on 12-02-2015 10:37:36
Running from C:\Users\MrVopi\Desktop
Loaded Profiles: MrVopi (Available profiles: MrVopi)
Platform: Windows 8.1 Pro (X64) OS Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
() C:\Windows\System32\nvwmi64.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpCardEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\srvany.exe
(TODO: <公司名>) C:\Windows\SysWOW64\SDIOAssist.exe
() C:\Windows\System32\PnkBstrA.exe
(Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe
(Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe
(Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
(VMware, Inc.) F:\PROGRAMS\VMware\VMware Workstation\vmware-authd.exe
() F:\PROGRAMS\VMware\VMware Workstation\vmware-hostd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Dell Inc.) C:\Program Files\Dell\PPO\DellPoaEvents.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell) C:\Users\MrVopi\AppData\Local\Apps\2.0\CLVDC6VR.7X7\P9TMOPRK.L2A\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Spotify Ltd) C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Telegram Messenger LLP) C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(VMware, Inc.) F:\PROGRAMS\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(forum.viry.cz) C:\Users\MrVopi\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CSFTrayApp] => C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe [230752 2013-10-09] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4144944 2013-02-14] (ESET)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents.exe [396496 2014-08-15] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3993744 2014-05-22] (Stardock Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2014-09-12] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => F:\PROGRAMS\VMware\VMware Workstation\vmware-tray.exe [114368 2014-11-20] (VMware, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [DellSystemDetect] => C:\Users\MrVopi\AppData\Local\Apps\2.0\CLVDC6VR.7X7\P9TMOPRK.L2A\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe [253952 2014-03-14] (Dell)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [Arvo] => C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE [582144 2010-04-01] (ROCCAT)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8718176 2014-06-18] (Binary Fortress Software)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [Spotify Web Helper] => C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-16] (Spotify Ltd)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [GoogleChromeAutoLaunch_2CA1A66C24542902C1871EEC3C7EF3B5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\MountPoints2: {04e8cff1-2a36-11e4-8330-001a6b0e2a68} - "H:\AutoRun.exe"
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\MountPoints2: {1994bf05-4249-11e4-8340-001a6b0e2a68} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk
ShortcutTarget: Telegram.lnk -> C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe (Telegram Messenger LLP)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\MrVopi\AppData\Roaming\Mozilla\Firefox\Profiles\ex9e3zk6.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "109.236.122.14"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "109.236.122.14"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "109.236.122.14"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "78.141.79.233"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "78.141.79.233"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "78.141.79.233"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "78.141.79.233"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-826929475-743330940-1988914792-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MrVopi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-826929475-743330940-1988914792-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin HKU\S-1-5-21-826929475-743330940-1988914792-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-826929475-743330940-1988914792-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\FirefoxExt [2013-11-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-11]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2013-11-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> http://www.google.sk/search?q={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-25]
CHR Extension: (Dokumenty Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-25]
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2014-12-25]
CHR Extension: (Disk Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-25]
CHR Extension: (YouTube) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-25]
CHR Extension: (Hľadať v Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-25]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-12-25]
CHR Extension: (Adobe Acrobat – Vytvoriť PDF) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-12-25]
CHR Extension: (Kalendár Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-12-25]
CHR Extension: (Box) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-12-25]
CHR Extension: (Tabuľky Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-25]
CHR Extension: (iCloud Záložky) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-12-25]
CHR Extension: (AdBlock) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-25]
CHR Extension: (Arcane Legends) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-12-25]
CHR Extension: (Google Inbox Checker (Inbox by Gmail)) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llldafpkkdiljghncbdnkgfinfiifnig [2014-12-25]
CHR Extension: (Vylepšení WISu) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\macimepnbaggfjekcmlcohlffafgamcc [2015-01-13]
CHR Extension: (Save to Pocket) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-02-11]
CHR Extension: (Peňaženka Google) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-25]
CHR Extension: (Gmail) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-25]
CHR Extension: (Inbox by Gmail) - C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2014-12-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., Ltd.)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-30] (Atheros Commnucations) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2542288 2014-08-14] (Dell Inc.)
S4 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [199888 2014-08-14] (Dell Inc.)
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [247136 2013-10-09] (Dell Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [26464 2013-10-09] ()
R2 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [33632 2013-10-09] (Dell, Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [472400 2013-08-28] (DigitalPersona, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [40888 2013-02-14] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1020304 2013-02-14] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [190208 2013-02-14] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
S2 gupdate1d0204366a1e017; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-12-25] (Google Inc.)
S3 gupdatem1d0204366a2a326; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-12-25] (Google Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 KMSServerService; C:\WINDOWS\KMSServerService\KMS Server Service.exe [249856 2013-11-07] (My Digital Life Forums) [File not signed]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233344 2012-06-28] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-09] (NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2693448 2014-09-12] ()
R2 O2FLASH; C:\Windows\System32\drivers\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 O2SDIOAssist; C:\WINDOWS\SysWOW64\srvany.exe [8192 2012-03-09] () [File not signed]
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-09-12] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-11-07] ()
R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [721104 2014-08-15] (Dell Inc.)
R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [312016 2014-08-15] (Dell Inc.)
R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [645328 2014-08-16] (Dell Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-20] (Stardock Software, Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 tcsd_win32.exe; C:\Program Files\Dell\Dell Data Protection\TSS\bin\tcsd_win32.exe [1636352 2012-12-10] (Security Innovation, Inc.) [File not signed]
R2 VMAuthdService; F:\PROGRAMS\VMware\VMware Workstation\vmware-authd.exe [87744 2014-11-20] (VMware, Inc.)
R2 VMwareHostd; F:\PROGRAMS\VMware\VMware Workstation\vmware-hostd.exe [12730560 2014-11-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 Dell.CommandPowerManager.Service; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{B959A4AA-04FF-41D7-B2E3-DFF1787B9AD5}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArvoFltr; C:\Windows\system32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131328 2014-10-08] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 CredFltL; C:\Windows\System32\DRIVERS\CredFltL.sys [34048 2013-10-09] ()
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2014-08-14] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2013-04-29] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-03-03] (DT Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [459544 2014-06-12] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [217000 2013-02-05] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [183016 2013-04-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [153200 2013-02-05] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [141304 2013-02-05] (ESET)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2261464 2013-08-27] (Realtek Semiconductor Corp.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
S3 JabraDFU; C:\Windows\System32\Drivers\JabraMobileCsrDfuX64.sys [38768 2013-12-20] (GN Netcom A/S)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 O2FJ2RDR; C:\Windows\System32\drivers\O2FJ2w8x64.sys [210616 2014-05-14] (BayHubTech/O2Micro )
R3 POADrvr; C:\Windows\system32\drivers\POADrvr.sys [21264 2013-07-19] (Dell Computer Corporation)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [93432 2013-08-05] (STMicroelectronics)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-01-14] (Anchorfree Inc.)
R2 VMparport; C:\WINDOWS\system32\drivers\VMparport.sys [31936 2014-11-20] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 cpuz137; \??\C:\WINDOWS\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S4 RAMDiskVE; \SystemRoot\System32\Drivers\RAMDiskVE.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-12 10:27 - 2015-02-12 10:37 - 00040008 _____ () C:\Users\MrVopi\Desktop\FRST.txt
2015-02-12 10:26 - 2015-02-12 10:37 - 00000000 ____D () C:\FRST
2015-02-12 10:26 - 2015-02-12 10:26 - 00112640 _____ (forum.viry.cz) C:\Users\MrVopi\Desktop\FRSTLauncher.exe
2015-02-12 10:25 - 2015-02-12 10:25 - 02134016 _____ (Farbar) C:\Users\MrVopi\Desktop\FRST64.exe
2015-02-11 20:39 - 2015-02-11 20:56 - 00017758 _____ () C:\WINDOWS\PFRO.log
2015-02-11 20:33 - 2015-02-11 20:33 - 02112512 _____ () C:\Users\MrVopi\Desktop\adwcleaner_4.110.exe
2015-02-11 18:48 - 2015-02-11 18:48 - 00004034 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-11 18:48 - 2015-02-11 18:48 - 00003484 _____ () C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2015-02-11 18:48 - 2015-02-11 18:48 - 00003222 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2015-02-11 18:48 - 2015-02-11 18:48 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-11 18:48 - 2015-02-11 18:48 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-11 18:20 - 2015-02-11 18:20 - 00002039 _____ () C:\Users\MrVopi\Desktop\MA-sken.txt
2015-02-11 17:09 - 2015-02-11 17:09 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\MrVopi\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-11 17:08 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 17:08 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 17:08 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 17:08 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 17:08 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 17:08 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 17:08 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 17:08 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 17:08 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 17:08 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 17:08 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 17:08 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 17:08 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 17:07 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 17:07 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 17:07 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 17:07 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 17:07 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 17:07 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 17:07 - 2015-01-12 03:32 - 06041088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-11 17:07 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 17:07 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 17:07 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 17:07 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 17:07 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 17:07 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 17:07 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 17:07 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 17:07 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 17:07 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 17:07 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 17:07 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 17:07 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 17:07 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 17:07 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 17:07 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 17:07 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 17:07 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 17:07 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 17:07 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 17:07 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 17:07 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 17:07 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 17:07 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 17:07 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 17:07 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 17:07 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 17:07 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 17:07 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 17:07 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 17:07 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 17:07 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 17:07 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 17:07 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-10 21:37 - 2015-02-10 21:37 - 00000756 _____ () C:\WINDOWS\LkmdfCoInst.log
2015-02-10 10:27 - 2015-02-10 10:27 - 00000810 _____ () C:\Users\Public\Desktop\Speccy.lnk
2015-02-10 10:27 - 2015-02-10 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-02-10 10:27 - 2015-02-10 10:27 - 00000000 ____D () C:\Program Files\Speccy
2015-02-10 10:26 - 2015-02-10 10:26 - 05135288 _____ (Piriform Ltd) C:\Users\MrVopi\Desktop\spsetup128.exe
2015-02-10 10:09 - 2015-02-10 10:09 - 01222144 _____ () C:\Users\MrVopi\Desktop\RSITx64.exe
2015-02-10 10:09 - 2015-02-10 10:09 - 00000000 ____D () C:\rsit
2015-02-09 19:43 - 2015-02-09 19:43 - 00000000 ____D () C:\Users\MrVopi\Documents\Electronic Arts
2015-02-09 19:42 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-02-09 12:56 - 2015-02-09 12:56 - 00001414 _____ () C:\Users\MrVopi\Desktop\watch_dogs.exe - odkaz.lnk
2015-02-08 12:10 - 2015-02-08 12:10 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4
2015-02-08 12:10 - 2015-02-08 12:10 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4.job
2015-02-07 19:24 - 2015-02-12 10:24 - 00021406 _____ () C:\WINDOWS\setupact.log
2015-02-07 19:24 - 2015-02-07 19:24 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-07 19:12 - 2015-02-12 10:26 - 01257943 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-07 18:24 - 2015-02-07 18:24 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-07 18:20 - 2015-02-07 18:20 - 00000000 ____D () C:\Users\MrVopi\Desktop\IZU
2015-02-07 18:20 - 2015-02-07 18:20 - 00000000 ____D () C:\Users\MrVopi\Desktop\IZG
2015-02-07 18:20 - 2015-02-07 18:20 - 00000000 ____D () C:\Users\MrVopi\Desktop\IPP
2015-02-07 18:20 - 2015-02-07 18:20 - 00000000 ____D () C:\Users\MrVopi\Desktop\IPK
2015-02-07 18:19 - 2015-02-07 18:19 - 00000000 ____D () C:\Users\MrVopi\Desktop\IOS
2015-02-07 18:19 - 2015-02-07 18:19 - 00000000 ____D () C:\Users\MrVopi\Desktop\IDS
2015-02-07 15:37 - 2015-02-07 15:37 - 00000000 ____D () C:\Users\MrVopi\Desktop\FlashBench
2015-02-06 19:56 - 2015-02-11 20:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-06 19:56 - 2015-02-06 19:56 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-06 17:02 - 2015-02-06 17:19 - 00000000 ____D () C:\Users\MrVopi\Desktop\PREDAJ
2015-02-04 19:58 - 2015-02-04 19:58 - 00000233 _____ () C:\Users\MrVopi\Desktop\Watch_Dogs.url
2015-02-04 19:55 - 2015-02-04 19:55 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-02-02 18:29 - 2015-02-02 18:29 - 00000763 _____ () C:\Users\MrVopi\AppData\Local\recently-used.xbel
2015-02-01 18:28 - 2015-02-01 18:28 - 00001832 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk
2015-02-01 18:28 - 2015-02-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-02-01 18:28 - 2015-02-01 18:28 - 00000000 ____D () C:\Program Files\Common Files\VMware
2015-02-01 18:28 - 2014-11-20 18:44 - 00931008 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2015-02-01 18:28 - 2014-11-20 18:44 - 00438464 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2015-02-01 18:28 - 2014-11-20 18:44 - 00359104 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2015-02-01 18:28 - 2014-11-20 18:44 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2015-02-01 18:28 - 2014-11-20 18:44 - 00031936 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\VMparport.sys
2015-02-01 18:28 - 2014-11-20 18:44 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2015-02-01 18:28 - 2014-11-18 08:04 - 00055488 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2015-02-01 18:28 - 2014-11-17 17:38 - 00076480 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2015-02-01 18:28 - 2014-11-17 17:38 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2015-02-01 18:28 - 2014-11-17 17:38 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2015-02-01 18:27 - 2015-02-01 18:27 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2015-02-01 18:27 - 2015-02-01 18:27 - 00000000 ____D () C:\Program Files (x86)\VMware
2015-02-01 12:31 - 2015-02-01 12:31 - 00000000 ____D () C:\Users\MrVopi\Documents\DyingLight
2015-02-01 12:23 - 2015-02-01 12:23 - 00000621 _____ () C:\Users\Public\Desktop\Dying Light.lnk
2015-02-01 12:23 - 2015-02-01 12:23 - 00000621 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light.lnk
2015-01-25 19:22 - 2015-01-25 19:22 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\Reflector
2015-01-25 19:22 - 2015-01-25 19:22 - 00000000 ____D () C:\ProgramData\Reflector
2015-01-25 19:22 - 2015-01-25 19:22 - 00000000 ____D () C:\ProgramData\Reflection
2015-01-25 19:21 - 2015-01-25 19:21 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reflector
2015-01-25 19:21 - 2015-01-25 19:21 - 00000000 ____D () C:\Program Files\Reflector
2015-01-17 10:16 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-17 10:16 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 02:20 - 2015-01-15 02:20 - 00001404 _____ () C:\Users\MrVopi\Desktop\Wireless Network Watcher.lnk
2015-01-15 02:18 - 2015-01-15 02:18 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2015-01-15 02:18 - 2015-01-15 02:18 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-14 19:12 - 2015-01-14 19:12 - 00000000 __RHD () C:\Users\MrVopi\AppData\Roaming\SecuROM
2015-01-14 14:12 - 2015-01-14 14:12 - 00012186 _____ () C:\Users\MrVopi\Desktop\vydavky-mimo.xlsx
2015-01-14 13:38 - 2015-01-14 13:38 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2015-01-14 12:37 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 12:37 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 12:37 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 12:37 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 12:37 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 12:37 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 12:37 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 12:37 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 12:37 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-12 10:35 - 2013-11-07 03:03 - 00000000 ____D () C:\ProgramData\Origin
2015-02-12 10:35 - 2013-11-07 03:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-12 10:29 - 2013-11-07 01:15 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-826929475-743330940-1988914792-1001
2015-02-12 10:28 - 2013-11-08 10:30 - 00743848 _____ () C:\WINDOWS\system32\perfh005.dat
2015-02-12 10:28 - 2013-11-08 10:30 - 00153578 _____ () C:\WINDOWS\system32\perfc005.dat
2015-02-12 10:28 - 2013-11-06 23:55 - 01757688 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-12 10:27 - 2014-07-11 09:58 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\Adobe
2015-02-12 10:25 - 2014-09-19 14:20 - 00000000 ___RD () C:\Users\MrVopi\iCloudDrive
2015-02-12 10:25 - 2013-11-08 11:53 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\CrashDumps
2015-02-12 10:25 - 2013-11-07 07:16 - 00000000 ___DO () C:\Users\MrVopi\SkyDrive
2015-02-12 10:25 - 2013-10-24 23:46 - 00131072 ___SH () C:\CredSED.dat
2015-02-12 10:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-12 10:24 - 2014-10-21 00:36 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job
2015-02-12 10:24 - 2014-03-08 12:57 - 00000000 ____D () C:\ProgramData\VMware
2015-02-12 10:24 - 2013-11-07 01:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-12 10:24 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-11 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-11 20:44 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-11 20:43 - 2014-09-15 20:35 - 00000000 ____D () C:\AdwCleaner
2015-02-11 20:41 - 2014-10-21 00:36 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfecbebe64cb76.job
2015-02-11 20:39 - 2013-08-22 15:44 - 05340920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 20:33 - 2014-12-16 18:27 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\Spotify
2015-02-11 20:10 - 2014-12-25 14:05 - 00000956 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0204366ad4780.job
2015-02-11 18:50 - 2013-11-25 20:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-11 18:50 - 2013-11-07 06:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 18:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-11 18:50 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-11 18:48 - 2013-11-07 13:11 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 18:48 - 2013-11-07 03:30 - 00000000 ____D () C:\Program Files\Dell
2015-02-11 18:48 - 2013-11-07 01:30 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-11 18:48 - 2013-11-07 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-11 18:46 - 2013-11-14 04:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 18:43 - 2013-11-14 04:02 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-11 18:43 - 2013-08-22 14:25 - 00000202 _____ () C:\WINDOWS\win.ini
2015-02-11 17:05 - 2014-12-16 18:27 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\Spotify
2015-02-11 09:54 - 2013-11-07 10:03 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\vlc
2015-02-10 21:37 - 2013-12-15 13:08 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-02-10 20:08 - 2014-03-03 14:43 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\Telegram Win (Unofficial)
2015-02-10 10:23 - 2014-01-22 13:52 - 00000000 ____D () C:\Program Files\trend micro
2015-02-08 22:55 - 2014-01-05 00:31 - 00000000 ____D () C:\Users\MrVopi\Desktop\fotky
2015-02-08 12:10 - 2013-11-22 01:50 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70
2015-02-07 19:24 - 2013-11-22 00:53 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\foobar2000
2015-02-07 18:58 - 2014-04-04 00:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-07 18:58 - 2014-03-03 23:16 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\DAEMON Tools Pro
2015-02-07 18:37 - 2013-11-06 23:56 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\Packages
2015-02-07 18:29 - 2014-09-09 11:08 - 00000000 ____D () C:\Users\MrVopi\kori
2015-02-07 18:24 - 2013-11-07 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-07 18:24 - 2013-11-07 07:44 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-07 18:21 - 2013-10-21 17:48 - 00000000 ____D () C:\Users\MrVopi\Desktop\work
2015-02-07 17:46 - 2013-11-07 03:03 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\Battle.net
2015-02-07 15:38 - 2013-11-06 23:56 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\VirtualStore
2015-02-07 15:17 - 2013-11-05 22:18 - 00000000 ____D () C:\Users\MrVopi\Desktop\wallpapers
2015-02-06 19:36 - 2013-11-07 03:03 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-02-06 16:54 - 2014-09-17 20:46 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\6CEEA6C2-C2F0-47BF-9400-9A6C8D8B2999.aplzod
2015-02-05 18:59 - 2013-11-07 13:12 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-05 01:36 - 2013-10-25 13:12 - 00000000 ____D () C:\Users\MrVopi\Documents\My Games
2015-02-03 20:31 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 18:29 - 2014-04-03 19:04 - 00000000 ____D () C:\Users\MrVopi\Documents\BitLord
2015-02-02 18:25 - 2014-04-03 19:04 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\BitLord
2015-02-02 13:02 - 2014-09-22 20:38 - 00000000 ____D () C:\Users\MrVopi\Documents\StrongDC++
2015-02-01 20:07 - 2014-03-08 13:06 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\VMware
2015-02-01 20:07 - 2014-03-08 13:06 - 00000000 ____D () C:\Users\MrVopi\AppData\Local\VMware
2015-02-01 18:28 - 2014-03-08 12:59 - 01786400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-01-30 14:39 - 2013-11-07 03:04 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-27 17:18 - 2013-11-09 10:50 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\Skype
2015-01-26 15:44 - 2014-12-18 00:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-22 01:11 - 2013-11-07 03:30 - 00000678 __RSH () C:\ProgramData\ntuser.pol
2015-01-20 20:07 - 2013-11-28 17:19 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Dell
2015-01-19 04:08 - 2014-09-09 11:07 - 00007591 _____ () C:\Users\MrVopi\AppData\Local\Resmon.ResmonCfg
2015-01-16 23:48 - 2013-11-07 03:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Games
2015-01-16 23:46 - 2013-11-06 23:50 - 00000000 ____D () C:\Users\MrVopi
2015-01-15 17:32 - 2013-11-08 07:20 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\TS3Client
2015-01-13 18:12 - 2013-11-11 00:36 - 00000000 ____D () C:\Users\MrVopi\AppData\Roaming\FileZilla

==================== Files in the root of some directories =======

2014-07-26 13:58 - 2014-07-26 13:58 - 0000288 _____ () C:\Users\MrVopi\AppData\Roaming\.backup.dm
2013-12-23 21:23 - 2015-01-09 03:39 - 0000132 _____ () C:\Users\MrVopi\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-04-03 19:04 - 2015-02-02 18:25 - 0000000 _____ () C:\Users\MrVopi\AppData\Roaming\bitlord_log.txt
2014-03-05 20:05 - 2014-03-05 20:05 - 0000815 _____ () C:\Users\MrVopi\AppData\Roaming\MPQEditor.ini
2014-04-26 14:49 - 2014-04-26 14:49 - 0000000 _____ () C:\Users\MrVopi\AppData\Roaming\Stardockfences_debug_snapshot.dat
2013-11-11 10:14 - 2014-11-28 06:24 - 0000600 _____ () C:\Users\MrVopi\AppData\Roaming\winscp.rnd
2014-05-08 00:22 - 2014-07-29 00:49 - 0001456 _____ () C:\Users\MrVopi\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-04-24 20:25 - 2014-04-24 20:25 - 0000337 _____ () C:\Users\MrVopi\AppData\Local\Perfmon.PerfmonCfg
2013-11-08 08:50 - 2014-11-28 06:24 - 0000600 _____ () C:\Users\MrVopi\AppData\Local\PUTTY.RND
2015-02-02 18:29 - 2015-02-02 18:29 - 0000763 _____ () C:\Users\MrVopi\AppData\Local\recently-used.xbel
2014-09-09 11:07 - 2015-01-19 04:08 - 0007591 _____ () C:\Users\MrVopi\AppData\Local\Resmon.ResmonCfg
2014-02-26 18:36 - 2014-02-26 18:36 - 0000120 _____ () C:\Users\MrVopi\AppData\Local\sharerapid.err
2014-02-26 18:36 - 2014-02-26 18:36 - 0001048 _____ () C:\Users\MrVopi\AppData\Local\sharerapid.nast
2013-11-22 16:58 - 2013-12-23 18:30 - 0001733 _____ () C:\Users\MrVopi\AppData\Local\SRDownloader.err
2013-11-22 16:28 - 2013-12-26 23:13 - 0001096 _____ () C:\Users\MrVopi\AppData\Local\SRDownloader.nast
2014-03-11 15:39 - 2014-09-23 13:49 - 0002601 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\MrVopi\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\MrVopi\AppData\Local\Temp\Quarantine.exe
C:\Users\MrVopi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-11 09:07




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:228.14 GB) (Free:16.02 GB) NTFS
Drive f: (Intel 120GB SSD) (Fixed) (Total:111.79 GB) (Free:7.39 GB) NTFS
Drive g: (SAMSUNG) (Fixed) (Total:2794.51 GB) (Free:660.73 GB) NTFS

Available physical RAM: 13729.23 MB
Total physical RAM: 16323.24 MB
Percentage of memory in use: 15%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8a17f3a7596a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfecbebe64cb76.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffea78aac9ce8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0204366ad4780.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WebReg .job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\WINDOWS\SysWOW64\MSIHANDLE:7414
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSIHANDLE:7458
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSIHANDLE:7559
AlternateDataStreams: C:\Users\MrVopi\SkyDrive:ms-properties

==================== Security Center ==================

AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MrVopi\Desktop" je 3402 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
Log Addition
(13.36 KiB) Downloaded 67 times

valdoDK
Visitor
Posts: 64
Registered: 17 Sep 2007 18:36

Re: Request for a preventive check

#10 Post by valdoDK »

I see lots of errors there with the Office update, even though I have a normal, proper Office 365 licence. I'm writing this just for info.

Edit: It still tells me that I don't have a valid licence, even when I sign in with my account; see the attachment.
Attachments
office.zip
Office licence
(166.34 KiB) Downloaded 75 times

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive check

#11 Post by altrok »

:arrow: Do you have the proxies set on purpose, or can we delete them?

:arrow: Uninstall the old version of Java, Java 7 Update 67, and keep only the current one - 8U31.

:arrow: Fingers crossed for the IOS retake.

:arrow: As for Office, the official MS support will advise you best...

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code: Select all

    Start
    CloseProcesses:
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
    HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\MountPoints2: {04e8cff1-2a36-11e4-8330-001a6b0e2a68} - "H:\AutoRun.exe"
    HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\MountPoints2: {1994bf05-4249-11e4-8340-001a6b0e2a68} - "G:\HTC_Sync_Manager_PC.exe" 
    
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    S3 cpuz137; \??\C:\WINDOWS\TEMP\cpuz137\cpuz137_x64.sys [X]
    S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
    2015-02-12 10:26 - 2015-02-12 10:26 - 00112640 _____ (forum.viry.cz) C:\Users\MrVopi\Desktop\FRSTLauncher.exe
    
    Task: {22A5B00E-DCC2-491D-934F-62D937FD9790} - System32\Tasks\{040147FF-327D-401E-A4D2-7D7312F4A340} => pcalua.exe -a "C:\Users\MrVopi\Desktop\Command and Conquer Generals + Zero hour\cestina\gen107cz15.exe" -d "C:\Users\MrVopi\Desktop\Command and Conquer Generals + Zero hour\cestina"
    Task: {EFE70418-DE42-412E-A05F-AD8D491368A6} - System32\Tasks\{0444306B-798D-4141-ACA2-A9D088FABD09} => pcalua.exe -a C:\Users\MrVopi\Desktop\AirplaneMode_W81_x64_1.4.1_ZPE.exe -d C:\Users\MrVopi\Desktop
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8a17f3a7596a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfecbebe64cb76.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffea78aac9ce8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0204366ad4780.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

valdoDK
Visitor
Posts: 64
Registered: 17 Sep 2007 18:36

Re: Request for a preventive check

#12 Post by valdoDK »

◉ We can go ahead and delete the proxies.
◉ I uninstalled Java
◉ Thanks, I see it's PPV :) I missed it by 2 points, but this semester it will work out :James008:

◉ I'm attaching the Fixlog
------------------------------------
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-02-2015 02
Ran by MrVopi at 2015-02-12 11:26:08 Run:1
Running from C:\Users\MrVopi\Desktop
Loaded Profiles: MrVopi (Available profiles: MrVopi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\MountPoints2: {04e8cff1-2a36-11e4-8330-001a6b0e2a68} - "H:\AutoRun.exe"
HKU\S-1-5-21-826929475-743330940-1988914792-1001\...\MountPoints2: {1994bf05-4249-11e4-8340-001a6b0e2a68} - "G:\HTC_Sync_Manager_PC.exe"

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 cpuz137; \??\C:\WINDOWS\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
2015-02-12 10:26 - 2015-02-12 10:26 - 00112640 _____ (forum.viry.cz) C:\Users\MrVopi\Desktop\FRSTLauncher.exe

Task: {22A5B00E-DCC2-491D-934F-62D937FD9790} - System32\Tasks\{040147FF-327D-401E-A4D2-7D7312F4A340} => pcalua.exe -a "C:\Users\MrVopi\Desktop\Command and Conquer Generals + Zero hour\cestina\gen107cz15.exe" -d "C:\Users\MrVopi\Desktop\Command and Conquer Generals + Zero hour\cestina"
Task: {EFE70418-DE42-412E-A05F-AD8D491368A6} - System32\Tasks\{0444306B-798D-4141-ACA2-A9D088FABD09} => pcalua.exe -a C:\Users\MrVopi\Desktop\AirplaneMode_W81_x64_1.4.1_ZPE.exe -d C:\Users\MrVopi\Desktop
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8a17f3a7596a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfecbebe64cb76.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffea78aac9ce8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0204366ad4780.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKU\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent => value deleted successfully.
HKU\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04e8cff1-2a36-11e4-8330-001a6b0e2a68}" => Key deleted successfully.
HKCR\CLSID\{04e8cff1-2a36-11e4-8330-001a6b0e2a68} => Key not found.
"HKU\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1994bf05-4249-11e4-8340-001a6b0e2a68}" => Key deleted successfully.
HKCR\CLSID\{1994bf05-4249-11e4-8340-001a6b0e2a68} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
cpuz137 => Service deleted successfully.
GPUZ => Service deleted successfully.
C:\Users\MrVopi\Desktop\FRSTLauncher.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22A5B00E-DCC2-491D-934F-62D937FD9790}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22A5B00E-DCC2-491D-934F-62D937FD9790}" => Key deleted successfully.
C:\Windows\System32\Tasks\{040147FF-327D-401E-A4D2-7D7312F4A340} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{040147FF-327D-401E-A4D2-7D7312F4A340}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFE70418-DE42-412E-A05F-AD8D491368A6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFE70418-DE42-412E-A05F-AD8D491368A6}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0444306B-798D-4141-ACA2-A9D088FABD09} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0444306B-798D-4141-ACA2-A9D088FABD09}" => Key deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0438fe85489d4.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8a17f3a7596a.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfecbebe64cb76.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffea78aac9ce8.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0204366ad4780.job => Moved successfully.
EmptyTemp: => Removed 625.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:26:15 ====

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive check

#13 Post by altrok »

ok, so the same procedure once more

fixlist

Code: Select all

Start
CloseProcesses:
FF NetworkProxy: "backup.ftp", "109.236.122.14"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "109.236.122.14"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "109.236.122.14"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "78.141.79.233"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "78.141.79.233"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "78.141.79.233"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "78.141.79.233"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
EmptyTemp:
End

valdoDK
Visitor
Posts: 64
Registered: 17 Sep 2007 18:36

Re: Request for a preventive check

#14 Post by valdoDK »

OK, done, I'm attaching the fixlog:
--------------------------------------
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-02-2015 02
Ran by MrVopi at 2015-02-12 11:48:45 Run:2
Running from C:\Users\MrVopi\Desktop
Loaded Profiles: MrVopi (Available profiles: MrVopi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
FF NetworkProxy: "backup.ftp", "109.236.122.14"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "109.236.122.14"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "109.236.122.14"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "78.141.79.233"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "78.141.79.233"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "78.141.79.233"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "78.141.79.233"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
EmptyTemp:
End
*****************

Processes closed successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0" => Key deleted successfully.
EmptyTemp: => Removed 33.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:48:50 ====

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive check

#15 Post by altrok »

It was clean as far as malware goes, so we'll just tidy up.
And if there are no questions or other problems, that's all from me.

Locked