
Please help with removing OffersByContext adware


#1 Post by yare »

Hi,
please help me remove the "OffersByContext" adware; it opens loads of popups on random actions in the browser (Chrome). And if any other vermin turns up, get rid of it too!

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaro at 2015-04-20 15:18:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 145 GB
Total RAM: 3793 MB (15% free)


======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f01e3cf4-84b3-45f3-8936-dbe042cb6c49 -SystemEventPortName:HostProcess-2c29bc94-d217-4447-bf1a-928f4b85a9e5 -IoCancelEventPortName:HostProcess-f858aae9-2cdd-4481-b652-e9626f1f7e54 -NonStateChangingEventPortName:HostProcess-70273f53-99f1-49ea-b3f0-dbfec6f1552d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:94247d87-6263-4d7a-8574-152bb5f7fb89 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-512b498e-be17-43ae-a3bc-254fe62877c3 -SystemEventPortName:HostProcess-69d368f0-39e9-4405-ac03-715989205199 -IoCancelEventPortName:HostProcess-f20b21c1-33a5-4632-97e6-f3d6b169463c -NonStateChangingEventPortName:HostProcess-e51836c4-5735-4992-8847-f12d9355469b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e6e851b8-fba8-434f-9b0d-47703c8a1272 -DeviceGroupId:
"C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 3303120
\??\C:\Windows\system32\conhost.exe "1207697712049944285-1551447130-92991601-203766880611726339582146027695913827584
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe"
"C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Tenable\Nessus\nessus-service.exe"
nessusd.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide
taskeng.exe {A25F8C9D-4FC9-49B7-AE9E-A36037EA02B4}
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
"taskhost.exe"
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Users\Jaro\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files\Microsoft Office 15\root\office15\outlook.exe" /restore
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Microsoft Office 15\root\office15\onenote.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3344.0.1426940822\1730818942" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3190 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files\Microsoft Office 15\root\office15\excel.exe" /restore
"C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe" /restore
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Microsoft Office 15\root\office15\winword.exe" /restore
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\QNAP\Qsync\Qsync.exe" /launch_qsync
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.1.1353073512\1016586248" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.2.265739275\966688460" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.4.299113243\783582669" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.6.1486608540\1387192700" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.8.573314088\420556379" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.10.607172856\89173592" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.11.905431297\40510650" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.13.180127481\359467672" /prefetch:673131151
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.25.1423031018\1572263983" /prefetch:673131151
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE" /n "C:\Users\Jaro\Dropbox\DeepView\CP_Audit ICTG\09_Pracovni slozka\NZ1 - Reorganizace VICT\CP_Audit_ICTG_NáslednáZpráva1_v0.05.docx" /o "u"
C:\Windows\splwow64.exe 12288
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0x1764_0x2588_0x171f42d5e"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3344.98.806677896\1405699571" --ppapi-flash-args=enable_hw_video_decode=1 --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.198.1776857920\1057748190" /prefetch:673131151
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.214.1046368688\1689491730" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.223.813489643\1645855450" /prefetch:673131151
"C:\Windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1118452297-4214527533-426205508-100032_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1118452297-4214527533-426205508-100032 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\XMPlay 3.8\xmplay.exe"

"C:\Program Files (x86)\Evernote\Evernote\Evernote.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files\trend micro\Jaro.exe" /silentautolog
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.740.263441095\1221541910" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3344 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3344.741.30582020\1703268501" /prefetch:673131151
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
taskeng.exe {485DC657-2607-4327-B515-D9670D696DB1}
C:\Windows\system32\PrintIsolationHost.exe -Embedding
C:\Windows\system32\sppsvc.exe
"C:\Users\Jaro\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-1.job - C:\Program Files (x86)\GoHD\GoHD-codedownloader.exe /rawdata=
C:\Windows\tasks\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-11.job - C:\Program Files (x86)\GoHD\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-11.exe /rawdata=
C:\Windows\tasks\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-5.job - C:\Program Files (x86)\GoHD\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-5.exe /rawdata=
C:\Windows\tasks\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-5_user.job - C:\Program Files (x86)\GoHD\4f34f0de-bf16-4d4b-8b43-aa62d85b235a-5.exe /rawdata=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ext_coupons_notification_service.job - C:\Program Files (x86)\ext coupons\ext_coupons_notification_service.exe /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='ext coupons' /appid='73143' /srcid='2913' /bic='a15900dbd44a8c8d137b9627f04151f2' /verifier='da3c93c905c289f459c6632d7bbf0212' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1427979577' /runfrom='task' /brwtype='notbg' /postponedhours='6'
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\8j1i7dtf.default-1422862319377

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\8j1i7dtf.default-1422862319377\extensions\
RqGaqGz5e@gmail.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-08 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-06-01 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-06-18 11586944]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-06-28 13631704]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-06-28 1321176]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2014-08-07 295712]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-06-14 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-09-21 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-09-21 441152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06 2823408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_68FD5B33B33C409F0566CE8B8E5A9662"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-04-13 812872]
"E0DEC055EEF57B6EF1702CE0FAE141836FCD1F04._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-04-13 812872]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 5583120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-13 134616]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-06-01 4315872]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31 508656]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392]
"Qsync"=C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [2014-12-11 14528176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jaro\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-06-14 442880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2015-04-20 14:45:37 ----D---- C:\Program Files\trend micro
2015-04-20 14:45:36 ----D---- C:\rsit
2015-04-15 10:03:45 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 10:03:45 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 10:03:45 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 10:03:45 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 10:03:45 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 10:03:45 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 10:03:45 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 10:03:45 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 10:03:45 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 10:03:45 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 10:03:45 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:03:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:03:44 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 10:03:44 ----A---- C:\Windows\system32\wups.dll
2015-04-15 10:03:44 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 10:03:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 10:03:33 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 10:03:32 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 10:03:32 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 10:03:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 10:03:32 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 10:03:32 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 10:03:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 10:03:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 10:03:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:03:29 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 10:03:28 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 10:03:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 10:03:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 10:03:28 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 10:03:28 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 10:03:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\smss.exe
2015-04-15 10:03:27 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 10:03:27 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 10:03:27 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 10:03:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 10:03:27 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 10:03:27 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 10:03:27 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 10:03:26 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 10:03:26 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 10:03:26 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 10:03:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 10:03:26 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 10:03:26 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 10:03:26 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 10:03:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 10:03:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 10:03:21 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 10:03:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:03:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:03:21 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 10:03:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 10:03:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:03:20 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 10:03:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 10:03:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 10:03:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 10:03:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 10:03:19 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 10:03:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 10:03:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 10:03:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 10:03:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 10:03:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 10:03:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 10:03:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 10:03:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:03:18 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 10:03:18 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 10:03:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:03:18 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 10:03:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 10:03:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 10:03:17 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 10:03:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 10:03:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 10:03:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 10:03:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 10:03:16 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 10:03:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 10:03:16 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 10:03:16 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 10:03:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 10:03:15 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 10:03:15 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 10:03:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:03:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 10:03:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 10:03:15 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 10:03:14 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 10:03:14 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:03:14 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 10:00:57 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 10:00:57 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 10:00:57 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 07:36:53 ----D---- C:\Users\Jaro\AppData\Roaming\LSC
2015-04-14 07:30:09 ----D---- C:\ProgramData\ESET
2015-04-14 07:30:09 ----D---- C:\Program Files\ESET
2015-04-08 09:40:54 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-08 09:40:54 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2015-04-20 15:18:13 ----D---- C:\Windows\Temp
2015-04-20 14:45:37 ----RD---- C:\Program Files
2015-04-20 13:57:28 ----D---- C:\Windows\System32
2015-04-20 13:57:27 ----D---- C:\Windows\inf
2015-04-20 13:57:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-20 12:41:50 ----D---- C:\Windows\system32\config
2015-04-17 14:01:26 ----D---- C:\Users\Jaro\AppData\Roaming\Dropbox
2015-04-17 13:27:15 ----D---- C:\Windows\winsxs
2015-04-17 13:27:12 ----D---- C:\ProgramData\VMware
2015-04-17 13:26:37 ----D---- C:\Windows\SysWOW64
2015-04-17 13:26:22 ----D---- C:\Program Files (x86)\XMPlay 3.8
2015-04-17 12:12:51 ----D---- C:\Windows\rescache
2015-04-17 12:07:23 ----D---- C:\Windows\AppCompat
2015-04-17 10:34:08 ----D---- C:\Windows\Microsoft.NET
2015-04-16 15:16:46 ----RSD---- C:\Windows\assembly
2015-04-16 14:19:26 ----SHD---- C:\System Volume Information
2015-04-16 14:05:21 ----SHD---- C:\Config.Msi
2015-04-16 14:05:21 ----RD---- C:\Program Files (x86)
2015-04-16 14:04:48 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 14:04:48 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 14:04:48 ----D---- C:\Windows\system32\wbem
2015-04-16 14:04:48 ----D---- C:\Windows\system32\en-US
2015-04-16 14:04:48 ----D---- C:\Windows\system32\appraiser
2015-04-16 14:04:48 ----D---- C:\Windows\AppPatch
2015-04-16 14:04:47 ----D---- C:\Windows\system32\drivers
2015-04-16 14:04:47 ----D---- C:\Program Files\Internet Explorer
2015-04-16 14:04:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 09:49:04 ----SHD---- C:\Windows\Installer
2015-04-16 09:49:03 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 09:48:57 ----A---- C:\Windows\vbaddin.ini
2015-04-16 09:48:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-04-16 09:48:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:33 ----D---- C:\Windows\system32\MRT
2015-04-16 09:36:09 ----D---- C:\Windows\debug
2015-04-16 09:36:07 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 11:05:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 09:53:52 ----D---- C:\Windows\system32\catroot2
2015-04-14 08:01:35 ----D---- C:\Windows\Tasks
2015-04-14 08:01:35 ----D---- C:\Windows\system32\Tasks
2015-04-14 07:30:48 ----D---- C:\Windows\system32\DriverStore
2015-04-14 07:30:09 ----HD---- C:\ProgramData
2015-04-14 07:25:47 ----RSD---- C:\Windows\Fonts
2015-04-11 12:38:41 ----A---- C:\IFRToolLog.txt
2015-04-08 16:59:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-04-08 16:55:58 ----D---- C:\Program Files\Microsoft Office 15
2015-04-08 10:48:10 ----D---- C:\Users\Jaro\AppData\Roaming\vlc
2015-04-08 09:41:23 ----D---- C:\Windows\Logs
2015-04-03 19:47:07 ----D---- C:\Users\Jaro\AppData\Roaming\TeamViewer
2015-04-01 17:52:37 ----D---- C:\Program Files (x86)\XMind
2015-03-23 15:02:54 ----D---- C:\Users\Jaro\AppData\Roaming\uTorrent
2015-03-22 10:46:57 ----D---- C:\Program Files\Lenovo
2015-03-22 10:46:45 ----D---- C:\Windows\Downloaded Installations

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 dlkmdldr;dlkmdldr; C:\Windows\system32\drivers\dlkmdldr.sys [2014-07-09 18736]
R0 DzHDD64;DzHDD64; C:\Windows\System32\DRIVERS\DzHDD64.sys [2014-09-10 29512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-05-30 569152]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-02-02 243464]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-02-02 177032]
R1 nbdrv;NetBalancer LightWeight Filter; C:\Windows\system32\DRIVERS\nbdrv.sys [2013-11-25 41392]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2014-09-10 20736]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-02-02 159992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2014-02-27 54464]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
R2 smihlp2;SMI Helper Driver (smihlp2); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-31 13128]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-02-11 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-06-09 849408]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dlkmd;dlkmd; C:\Windows\system32\drivers\dlkmd.sys [2014-07-09 435504]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-03-18 30352]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2014-06-27 495376]
R3 ecnssndis; Mobile Broadband Driver; C:\Windows\System32\Drivers\wwuss64.sys [2011-10-05 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\Windows\System32\Drivers\wwussf64.sys [2011-10-05 29736]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-10 60928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-06-14 5359168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-07-02 3472600]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-10-16 358456]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-10-16 791608]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2013-11-11 25528]
R3 l36wgps; Mobile Broadband GPS Port; C:\Windows\system32\DRIVERS\l36wgps64.sys [2012-03-02 103184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 Mbm3CBus;N5321 gw Mobile Broadband Device (WDM); C:\Windows\system32\DRIVERS\Mbm3CBus.sys [2013-04-22 443648]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM); C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [2013-04-22 455936]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [2013-04-22 22272]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [2013-04-22 508160]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2014-07-01 11524096]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-26 40248]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-08-06 31472]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2013-03-15 1450104]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 566000]
R3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2010-08-03 30720]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-29 40248]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum); C:\Windows\system32\DRIVERS\tvtvcamd.sys [2011-12-08 27432]
R3 usb3Hub;UoIP Hub; C:\Windows\system32\DRIVERS\usb3Hub.sys [2013-06-20 206744]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-02-11 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys []
S3 DisplayLinkUsbIo_x64;DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.6.56275.0.sys [2014-07-10 46384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-11-11 35256]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
S3 LVUVC64;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Razerlow;Razer Pro|Solutions; C:\Windows\system32\drivers\Razerlow.sys [2005-11-07 21120]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-18 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2014-07-09 10571056]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2015-02-16 1566424]
R2 EraAgentSvc;ESET Remote Administrator Agent; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [2015-02-17 2685640]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-08-18 632528]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-11-14 84208]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-13 169432]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2014-08-07 59168]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-12-11 111048]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-08-07 72992]
R2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-08-07 197408]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2014-07-08 115184]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-13 366552]
R2 NetBalancerService;NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2014-12-12 128776]
R2 OpenVPNAccessClient;OpenVPN Access Client; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2010-08-12 24064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-08-18 154832]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 Tenable Nessus;Tenable Nessus; C:\Program Files\Tenable\Nessus\nessus-service.exe [2014-06-11 18160]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 124400]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-04-01 126512]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-12-17 248736]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-09-10 1668896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-06-14 279000]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2014-09-10 319536]
S3 EHttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [2015-02-16 41160]
S3 eshasrv;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [2015-02-16 183496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-18 114288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-08-18 265936]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-02-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2014-09-10 1664800]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-01-15 49648]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with removing OffersByContext adware

#2 Post by Rudy »

Hello,
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

yare
Visitor
Posts: 17
Registered: 10 Sep 2006 20:03

Re: Please help with removing OffersByContext adware

#3 Post by yare »

AdwCleaner log:

# AdwCleaner v4.201 - Logfile created 20/04/2015 at 23:33:18
# Updated 08/04/2015 by Xplode
# Database : 2015-04-20.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Jaro - JARO-THINK
# Running from : C:\Users\Jaro\Downloads\adwcleaner_4.201 (1).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\smdmf
Folder Deleted : C:\Windows\Util
Folder Deleted : C:\Users\Jaro\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Jaro\AppData\LocalLow\GoHD
Folder Deleted : C:\Users\Jaro\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\8j1i7dtf.default-1422862319377\Extensions\RqGaqGz5e@gmail.com
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijpiklekffjdhakddncmmfoljbopjka
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipfnecmlncaiipncipkgijboddcdmego
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage-journal
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipfnecmlncaiipncipkgijboddcdmego_0.localstorage
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipfnecmlncaiipncipkgijboddcdmego_0.localstorage-journal
File Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\8j1i7dtf.default-1422862319377\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.listango.com_0.localstorage
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.listango.com_0.localstorage-journal
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_daemon-tools.en.softonic.com_0.localstorage
File Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_daemon-tools.en.softonic.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : ASP
Task Deleted : ext_coupons_notification_service
Task Deleted : 4f34f0de-bf16-4d4b-8b43-aa62d85b235a-1
Task Deleted : 4f34f0de-bf16-4d4b-8b43-aa62d85b235a-11
Task Deleted : 4f34f0de-bf16-4d4b-8b43-aa62d85b235a-5
Task Deleted : 4f34f0de-bf16-4d4b-8b43-aa62d85b235a-5_user

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SmdmF
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\GoHD
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\GoHD
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 162.216.155.136:7808
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


-\\ Google Chrome v42.0.2311.90

[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : dgpdioedihjhncjafcpgbbjdpbbkikmi
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : fpmeembnagmagppkgghhfjfdfajdfcah
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mgdnblnolcinnndenjnollpiplgkbjcn
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : niloccemoadcdkdjlinkgdfekeahmflj
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mfhnkgpdlogbknkhlgdjlejeljbhflim
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : gijpiklekffjdhakddncmmfoljbopjka
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ipfnecmlncaiipncipkgijboddcdmego
[C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] :

*************************

AdwCleaner[R0].txt - [47428 bytes] - [20/04/2015 23:31:52]
AdwCleaner[S0].txt - [11636 bytes] - [20/04/2015 23:33:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11696 bytes] ##########

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with removing OffersByContext adware

#4 Post by Rudy »

Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
