Brutál pomalý notebook

[oflo]

Zdravím. Mám hrozně pomalý notebook. Pomalu se načítá při startupu a i když už je načtený, tak to není moc rychlé. Nevím, jestli je to čistě tím, že jsem ho za tu dobu již dost zasvinil a dlouho nereinstaloval, nebo jestli je tu nějaký vir. Co by s tím mohlo být? Díky.

Zde log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by NP530 at 2015-08-18 15:46:33
Microsoft Windows 8
System drive C: has 11 GB (3%) free of 425 GB
Total RAM: 3798 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:46:39, on 18. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\NP530.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Launcher6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
O4 - HKLM\..\Run: [6015N RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_98553AD20699319A411355EAAAAD5E3A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Dropbox.lnk = NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MyPublicWiFi Service (MyPublicWiFiService) - Unknown owner - C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16398 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 260380236864
\??\C:\windows\system32\conhost.exe 0x4
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe"
dashost.exe {2f99f37a-4fc6-4fd5-a6e6cab6bf1974b7}
ClassicStartMenu.exe -startup
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe"
"C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Samsung\Settings\sSettings.exe" /s
"C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /S3HpProtect
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c81b7468-9775-4f87-9d12-d59a689b0e23 -SystemEventPortName:HostProcess-5ab85924-2a41-43c5-a420-e4fdb436be86 -IoCancelEventPortName:HostProcess-412f809a-1a74-4590-befd-2f6ba96c3146 -NonStateChangingEventPortName:HostProcess-6518e86f-b09b-47da-8c44-ba8cc1b98373 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d1620a6f-d8f0-404a-affc-c01fa36f4d6f -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\alg.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Trillian\trillian.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --on-initialized-event-handle=416 --parent-handle=420
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5592.0.842852966\1986914968" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2817 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\system32\SppExtComObj.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.1.423958688\702540182" --font-cache-shared-handle=2360 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.2.1382402325\1494527462" --font-cache-shared-handle=2772 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.3.1115211892\1470633361" --font-cache-shared-handle=2772 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.4.1391789072\371573275" --font-cache-shared-handle=2784 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.5.283685026\1517942827" --font-cache-shared-handle=3008 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.6.822507200\1783627622" --font-cache-shared-handle=3096 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.9.1166036989\2113861426" --font-cache-shared-handle=3432 /prefetch:673131151
"C:\Program Files\Samsung\Recovery\WCScheduler.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.11.301542507\1328064755" --font-cache-shared-handle=3936 /prefetch:673131151
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.15.568309890\1054726320" --font-cache-shared-handle=5304 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.16.1321630241\289924656" --font-cache-shared-handle=7192 /prefetch:673131151
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.17.924659583\1419754292" --font-cache-shared-handle=1452 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.21.79754438\950464763" --font-cache-shared-handle=9100 /prefetch:673131151
"C:\windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5592.22.2065223381\2053013531" --font-cache-shared-handle=8920 /prefetch:673131151
"C:\Users\NP530\Desktop\RSITx64.exe"
"C:\Windows\System32\bcdedit.exe" /deletevalue {current} bootstatuspolicy
\??\C:\windows\system32\conhost.exe 0x4

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job - C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job - C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18 796352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-27 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-27 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18 674496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18 437440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18 796352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18 674496]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-08-08 11554688]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-06 2862448]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-07-27 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-07-27 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-07-27 440640]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-01-18 161984]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-01-27 3619160]
"MP3 Skype Recorder"=C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe [2014-06-27 1544704]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144]
"Dropbox Update"=C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
"GoogleChromeAutoLaunch_98553AD20699319A411355EAAAAD5E3A"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-08 813896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-04-04 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-13 155488]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Launcher6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-05-19 2571264]
"6015N RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2012-07-16 355840]
"StatusAutoRun6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2012-07-16 3984896]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe
Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-07-25 439296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-18 15:46:34 ----D---- C:\Program Files\trend micro
2015-08-18 15:46:33 ----D---- C:\rsit
2015-08-18 15:35:52 ----A---- C:\AdwCleaner[C1].txt
2015-08-18 15:33:07 ----A---- C:\AdwCleaner[S1].txt
2015-08-18 15:33:03 ----D---- C:\AdwCleaner
2015-08-18 15:11:58 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-08-18 15:04:25 ----ASH---- C:\pagefile.sys
2015-08-17 19:25:23 ----D---- C:\Program Files (x86)\MyPublicWiFi
2015-08-17 19:25:23 ----A---- C:\windows\system32\drivers\ndiskhaz.sys
2015-08-16 23:19:09 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-16 23:19:09 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-16 23:19:09 ----A---- C:\windows\system32\WebClnt.dll
2015-08-16 23:19:09 ----A---- C:\windows\system32\davclnt.dll
2015-08-16 23:19:08 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-16 23:19:08 ----A---- C:\windows\system32\mstscax.dll
2015-08-16 23:19:07 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-08-16 23:19:07 ----A---- C:\windows\system32\aaclient.dll
2015-08-16 23:18:55 ----A---- C:\windows\system32\csrsrv.dll
2015-08-16 23:18:55 ----A---- C:\windows\system32\basesrv.dll
2015-08-16 23:18:51 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-16 23:18:49 ----A---- C:\windows\system32\invagent.dll
2015-08-16 23:18:49 ----A---- C:\windows\system32\generaltel.dll
2015-08-16 23:18:49 ----A---- C:\windows\system32\devinv.dll
2015-08-16 23:18:49 ----A---- C:\windows\system32\appraiser.dll
2015-08-16 23:18:48 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-16 23:18:48 ----A---- C:\windows\system32\aeinv.dll
2015-08-16 23:18:48 ----A---- C:\windows\system32\acmigration.dll
2015-08-16 23:17:53 ----A---- C:\windows\system32\drivers\WdFilter.sys
2015-08-16 23:17:50 ----A---- C:\windows\system32\drivers\WdBoot.sys
2015-08-16 23:17:45 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 23:17:45 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 23:17:39 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-08-16 23:17:39 ----A---- C:\windows\system32\msxml6.dll
2015-08-16 23:17:37 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-08-16 23:17:37 ----A---- C:\windows\system32\msxml3.dll
2015-08-16 23:17:35 ----A---- C:\windows\system32\win32k.sys
2015-08-16 23:17:35 ----A---- C:\windows\system32\DWrite.dll
2015-08-16 23:17:34 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-16 23:17:34 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-08-16 23:17:34 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-08-16 23:17:34 ----A---- C:\windows\system32\FntCache.dll
2015-08-16 23:17:34 ----A---- C:\windows\system32\atmlib.dll
2015-08-16 23:17:34 ----A---- C:\windows\system32\atmfd.dll
2015-08-16 23:17:29 ----A---- C:\windows\system32\mshtml.dll
2015-08-16 23:17:23 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-08-16 23:17:21 ----A---- C:\windows\system32\ieframe.dll
2015-08-16 23:17:19 ----A---- C:\windows\system32\jscript9.dll
2015-08-16 23:17:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-08-16 23:17:12 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-08-16 23:17:12 ----A---- C:\windows\system32\wininet.dll
2015-08-16 23:17:10 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-08-16 23:17:10 ----A---- C:\windows\system32\iertutil.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-08-16 23:17:09 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-08-16 23:17:09 ----A---- C:\windows\system32\vbscript.dll
2015-08-16 23:17:09 ----A---- C:\windows\system32\urlmon.dll
2015-08-16 23:17:09 ----A---- C:\windows\system32\msfeeds.dll
2015-08-16 23:17:09 ----A---- C:\windows\system32\jscript.dll
2015-08-16 23:17:09 ----A---- C:\windows\system32\inetcomm.dll
2015-08-16 23:17:00 ----A---- C:\windows\system32\ntoskrnl.exe
2015-08-16 23:16:59 ----A---- C:\windows\system32\sysmain.dll
2015-08-16 23:16:59 ----A---- C:\windows\system32\ntdll.dll
2015-08-16 23:16:58 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-08-16 23:16:58 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-16 23:16:49 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-16 23:16:48 ----A---- C:\windows\system32\notepad.exe
2015-08-16 23:16:48 ----A---- C:\windows\notepad.exe
2015-08-03 13:44:57 ----D---- C:\windows\Migration
2015-07-29 11:05:36 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-07-29 11:05:36 ----A---- C:\windows\system32\rpcrt4.dll
2015-07-29 11:05:36 ----A---- C:\windows\system32\kerberos.dll
2015-07-29 11:05:35 ----A---- C:\windows\system32\msv1_0.dll
2015-07-29 11:05:35 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-07-29 11:05:34 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-07-29 11:05:34 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-07-29 11:05:33 ----A---- C:\windows\SYSWOW64\SHCore.dll
2015-07-29 11:05:33 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-07-29 11:05:33 ----A---- C:\windows\system32\SHCore.dll
2015-07-29 11:05:33 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-07-29 11:04:00 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-07-29 11:03:35 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-07-29 11:03:35 ----A---- C:\windows\system32\dxtrans.dll
2015-07-29 11:03:34 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-07-29 11:03:34 ----A---- C:\windows\system32\mshtmled.dll
2015-07-29 11:03:34 ----A---- C:\windows\system32\iedkcs32.dll
2015-07-29 11:03:32 ----A---- C:\windows\SYSWOW64\ole32.dll
2015-07-29 11:03:32 ----A---- C:\windows\system32\sppobjs.dll
2015-07-29 11:03:32 ----A---- C:\windows\system32\ole32.dll
2015-07-29 11:03:29 ----A---- C:\windows\system32\rdpcorets.dll
2015-07-29 11:03:25 ----A---- C:\windows\system32\twinui.dll
2015-07-29 11:03:23 ----A---- C:\windows\SYSWOW64\twinui.dll
2015-07-29 11:03:22 ----A---- C:\windows\SYSWOW64\msiexec.exe
2015-07-29 11:03:22 ----A---- C:\windows\SYSWOW64\msi.dll
2015-07-29 11:03:22 ----A---- C:\windows\SYSWOW64\authui.dll
2015-07-29 11:03:22 ----A---- C:\windows\system32\msiexec.exe
2015-07-29 11:03:22 ----A---- C:\windows\system32\msi.dll
2015-07-29 11:03:22 ----A---- C:\windows\system32\authui.dll
2015-07-29 11:00:50 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-07-29 11:00:50 ----A---- C:\windows\system32\gdi32.dll
2015-07-29 10:59:25 ----A---- C:\windows\system32\aepic.dll
2015-07-29 10:59:25 ----A---- C:\windows\system32\aepdu.dll
2015-07-29 10:02:24 ----A---- C:\windows\system32\cryptcatsvc.dll

======List of files/folders modified in the last 1 month======

2015-08-18 15:46:34 ----RD---- C:\Program Files
2015-08-18 15:43:45 ----D---- C:\ProgramData\Origin
2015-08-18 15:42:47 ----A---- C:\windows\SYSWOW64\log.txt
2015-08-18 15:42:07 ----D---- C:\Users\NP530\AppData\Roaming\Skype
2015-08-18 15:42:05 ----D---- C:\Users\NP530\AppData\Roaming\Dropbox
2015-08-18 15:39:19 ----D---- C:\windows\Prefetch
2015-08-18 15:38:39 ----D---- C:\windows\Temp
2015-08-18 15:38:04 ----D---- C:\windows\System32
2015-08-18 15:35:38 ----D---- C:\ProgramData\WinClon
2015-08-18 15:29:05 ----D---- C:\windows\system32\config
2015-08-18 15:23:36 ----D---- C:\Users\NP530\AppData\Roaming\ClassicShell
2015-08-18 15:19:49 ----D---- C:\windows\Inf
2015-08-18 15:19:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-18 15:12:22 ----D---- C:\windows\Microsoft.NET
2015-08-18 15:12:08 ----D---- C:\windows\WinSxS
2015-08-18 15:11:58 ----D---- C:\windows\SysWOW64
2015-08-18 15:05:14 ----D---- C:\Program Files\Windows Defender
2015-08-18 15:05:12 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-18 15:05:11 ----D---- C:\windows\system32\Drivers
2015-08-18 15:04:57 ----SD---- C:\windows\system32\CompatTel
2015-08-18 15:04:57 ----D---- C:\windows\system32\appraiser
2015-08-18 15:04:56 ----D---- C:\windows\apppatch
2015-08-18 15:04:32 ----D---- C:\windows\system32\drivers\cs-CZ
2015-08-18 15:04:28 ----D---- C:\Windows
2015-08-18 15:04:14 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-18 14:00:20 ----D---- C:\windows\system32\sru
2015-08-18 00:59:21 ----D---- C:\Users\NP530\AppData\Roaming\uTorrent
2015-08-17 23:32:06 ----D---- C:\Users\NP530\AppData\Roaming\vlc
2015-08-17 19:46:42 ----D---- C:\windows\system32\catroot
2015-08-17 19:27:55 ----D---- C:\windows\system32\drivers\etc
2015-08-17 19:25:34 ----D---- C:\windows\system32\DriverStore
2015-08-17 19:25:23 ----RD---- C:\Program Files (x86)
2015-08-17 18:35:24 ----D---- C:\windows\CbsTemp
2015-08-17 18:28:28 ----SHD---- C:\windows\Installer
2015-08-17 18:28:28 ----A---- C:\windows\win.ini
2015-08-17 18:28:27 ----D---- C:\ProgramData\Microsoft Help
2015-08-17 18:24:14 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-17 18:22:27 ----D---- C:\windows\system32\MRT
2015-08-16 23:16:39 ----D---- C:\windows\system32\catroot2
2015-08-03 14:28:12 ----D---- C:\windows\rescache
2015-08-03 13:45:14 ----D---- C:\Program Files\Internet Explorer
2015-08-03 13:45:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-03 13:45:05 ----RD---- C:\windows\ToastData
2015-08-03 13:44:56 ----D---- C:\windows\system32\wbem
2015-07-29 11:05:43 ----HD---- C:\Program Files\WindowsApps
2015-07-29 11:05:41 ----D---- C:\windows\AUInstallAgent
2015-07-28 23:17:10 ----D---- C:\windows\Tasks
2015-07-28 10:59:08 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 excsd;ExpressCache Storage Filter Driver; C:\windows\system32\DRIVERS\excsd.sys [2012-08-17 103248]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 excfs;ExpressCache File System Filter Driver; C:\windows\system32\DRIVERS\excfs.sys [2012-08-17 23376]
R1 ndiskhaz;@oem26.inf,%ndiskhaz_Desc%;Azzouzi HotSpot LightWeight Filter; C:\windows\system32\DRIVERS\ndiskhaz.sys [2012-12-07 30536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 AMPPAL;@oem2.inf,%AMPPAL.SVCDESC%;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\System32\drivers\AMPPAL.sys [2012-07-16 162344]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btmaux;@oem13.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2012-04-24 110592]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2012-07-14 825344]
R3 ETD;@oem14.inf,%SamsungDeviceDesc%;Samsung PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-08-06 313712]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-04 55848]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-07-25 8982208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 netr28ux;@oem25.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\windows\system32\DRIVERS\netr28ux.sys [2014-10-18 2217616]
R3 NETwNe64;@oem16.inf,%NIC_Service_DispName_WIN8_64%;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2013-10-08 3345376]
R3 RadioHIDMini;@oem11.inf,%RadioHIDMini%;Radio HID Mini-driver; C:\windows\System32\drivers\RadioHIDMini.sys [2012-07-27 23408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 RTL8168;@oem4.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2012-06-12 683664]
R3 SensorsSimulatorDriver;@oem24.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AMPPALP;@oem3.inf,%AMPPALP_Desc%;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-16 162344]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 dg_ssudbus;@oem20.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 irstrtdv;@oem15.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\windows\System32\drivers\irstrtdv.sys [2012-07-20 43800]
S3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2012-06-28 13546344]
S3 ssudmdm;@oem21.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-16 731688]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-08 1091520]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-08-08 1112000]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-05-02 135952]
R2 Easy Launcher;Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2012-08-24 1593976]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416]
R2 ExpressCache;ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [2012-08-17 102224]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\SysWOW64\irstrtsv.exe [2012-07-19 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 MyPublicWiFiService;MyPublicWiFi Service; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [2013-04-03 756224]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2014-02-21 134336]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-10-07 565248]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-13 51808]
S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2012-07-26 5632]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-07-27 276288]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-08-14 654848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-27 1910640]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2014-07-22 89232]

-----------------EOF-----------------

[oflo]

A tady FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by NP530 (administrator) on NP530U-PC (18-08-2015 15:55:33)
Running from C:\Users\NP530\Desktop
Loaded Profiles: NP530 (Available Profiles: NP530)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
() C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
() C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(forum.viry.cz) C:\Users\NP530\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Launcher6015N] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2571264 2011-05-19] (Xerox)
HKLM-x32\...\Run: [6015N RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2012-07-16] ()
HKLM-x32\...\Run: [StatusAutoRun6015N] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [3984896 2012-07-16] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [MP3 Skype Recorder] => C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe [1544704 2014-06-27] ()
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [Dropbox Update] => C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [GoogleChromeAutoLaunch_98553AD20699319A411355EAAAAD5E3A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
Startup: C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-08-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk [2014-02-25]
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1228448097-215964479-906076251-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKU\S-1-5-21-1228448097-215964479-906076251-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-27] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{E4AC0910-DBAB-4E8D-9F4C-4BF25067BAB5}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll [2014-03-28] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll [2014-03-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1228448097-215964479-906076251-1001: RSATom.name/FBVLC -> C:\Users\NP530\AppData\Roaming\RSATom\FBVLC\0.1.5\npFBVLC.dll [2014-06-24] (RSATom)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-23]

Chrome:
=======
CHR Profile: C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-10]
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-01-18]
CHR Extension: (Google Docs) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
CHR Extension: (Google Drive) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
CHR Extension: (YouTube) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
CHR Extension: (Google Search) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-07-23]
CHR Extension: (Nimbus Screen Capture App) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gooiepmnbooemimlnlbijlfoofgjnngn [2014-08-15]
CHR Extension: (Pin It Button) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-01-01]
CHR Extension: (PageArchiver) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkkeoeinpbomhnpkmmkpggkaefincbn [2014-02-14]
CHR Extension: (SingleFile Core) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2014-02-14]
CHR Extension: (rikaikun) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2015-02-26]
CHR Extension: (Webcam Toy) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-02-14]
CHR Extension: (Google Mail Checker) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
CHR Extension: (Hover Zoom) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-02-14]
CHR Extension: (Gmail) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
CHR Extension: (Canvas Rider) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-02-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-24] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-08-14] (Macrovision Europe Ltd.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [565248 2013-10-07] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [96768 2012-07-16] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
S3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi)
R3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 15:55 - 2015-08-18 15:55 - 00026256 _____ C:\Users\NP530\Desktop\FRST.txt
2015-08-18 15:55 - 2015-08-18 15:55 - 00000000 ____D C:\FRST
2015-08-18 15:46 - 2015-08-18 15:46 - 01107968 _____ C:\Users\NP530\Downloads\RSIT.exe
2015-08-18 15:46 - 2015-08-18 15:46 - 00000000 ____D C:\rsit
2015-08-18 15:46 - 2015-08-18 15:46 - 00000000 ____D C:\Program Files\trend micro
2015-08-18 15:45 - 2015-08-18 15:45 - 02173440 _____ (Farbar) C:\Users\NP530\Desktop\FRST64.exe
2015-08-18 15:44 - 2015-08-18 15:45 - 00112640 _____ (forum.viry.cz) C:\Users\NP530\Desktop\FRSTLauncher.exe
2015-08-18 15:44 - 2015-08-18 15:44 - 01222144 _____ C:\Users\NP530\Desktop\RSITx64.exe
2015-08-18 15:38 - 2015-08-18 15:39 - 00002643 _____ C:\windows\system32\Service_KMS.log
2015-08-18 15:35 - 2015-08-18 15:36 - 00002950 _____ C:\AdwCleaner[C1].txt
2015-08-18 15:33 - 2015-08-18 15:34 - 00002683 _____ C:\AdwCleaner[S1].txt
2015-08-18 15:33 - 2015-08-18 15:33 - 00000000 ____D C:\AdwCleaner
2015-08-18 15:32 - 2015-08-18 15:32 - 01573888 _____ C:\Users\NP530\Downloads\AdwCleaner.exe
2015-08-18 15:31 - 2015-08-18 15:31 - 00087775 _____ C:\Users\NP530\Downloads\winupcompat.diagcab
2015-08-18 15:25 - 2015-08-18 15:25 - 00080488 _____ C:\Users\NP530\Downloads\GW10Appdiagnostic.diagcab
2015-08-18 15:11 - 2015-08-08 04:27 - 00793544 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-18 15:11 - 2015-08-08 04:27 - 00177632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-18 00:01 - 2015-08-18 00:01 - 00000000 ___SH C:\DkHyperbootSync
2015-08-17 22:59 - 2015-08-17 22:59 - 00002984 _____ C:\windows\system32\AutoPico.log
2015-08-17 20:21 - 2015-08-17 20:50 - 1303768912 _____ C:\Users\NP530\Downloads\Kouř.avi
2015-08-17 20:20 - 2015-08-17 20:21 - 00013081 _____ C:\Users\NP530\Downloads\[CzT]Kour_1990_CZ_.torrent
2015-08-17 19:27 - 2015-08-18 15:41 - 00000745 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-17 19:25 - 2015-08-17 19:25 - 01143096 _____ (TRUE Software ) C:\Users\NP530\Downloads\MyPublicWiFi.exe
2015-08-17 19:25 - 2015-08-17 19:25 - 00001001 _____ C:\Users\Public\Desktop\MyPublicWiFi.lnk
2015-08-17 19:25 - 2015-08-17 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublicWiFi
2015-08-17 19:25 - 2015-08-17 19:25 - 00000000 ____D C:\Program Files (x86)\MyPublicWiFi
2015-08-17 19:25 - 2012-12-07 10:28 - 00030536 _____ (Khalil Azzouzi) C:\windows\system32\Drivers\ndiskhaz.sys
2015-08-17 18:23 - 2015-08-17 18:23 - 00098816 _____ C:\Users\NP530\Downloads\Conec 2015 final.xls
2015-08-16 23:19 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 23:19 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-08-16 23:19 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-16 23:19 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-08-16 23:19 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 23:19 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 23:19 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-16 23:19 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-16 23:18 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 23:18 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 23:18 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 23:18 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 23:18 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 23:18 - 2015-05-12 00:49 - 00527704 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-16 23:17 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 23:17 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 23:17 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-16 23:17 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-16 23:17 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 23:17 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 23:17 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 23:17 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-16 23:17 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 23:17 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 23:17 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 23:17 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 23:17 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 19291648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 23:17 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 23:17 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 23:17 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-08-16 23:17 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-16 23:17 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-16 23:17 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 14383616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-08-16 23:17 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 23:17 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-16 23:17 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-16 23:17 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 23:17 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 23:17 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-08-16 23:17 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-08-16 23:17 - 2015-06-09 15:09 - 00411133 _____ C:\windows\system32\ApnDatabase.xml
2015-08-16 23:16 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 23:16 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 23:16 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-16 23:16 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 23:16 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 23:16 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 23:16 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-13 14:38 - 2015-08-13 14:38 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-29 11:05 - 2015-06-27 18:36 - 00171352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-29 11:05 - 2015-06-27 15:56 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2015-07-29 11:05 - 2015-06-27 15:55 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-29 11:05 - 2015-06-27 15:55 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 00829952 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 00588800 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-29 11:05 - 2015-06-27 15:23 - 00694784 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-29 11:05 - 2015-06-25 20:29 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-29 11:05 - 2015-06-25 20:27 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-29 11:04 - 2015-04-30 15:44 - 00478296 _____ C:\windows\SysWOW64\locale.nls
2015-07-29 11:04 - 2015-04-30 15:44 - 00478296 _____ C:\windows\system32\locale.nls
2015-07-29 11:04 - 2015-01-07 06:25 - 00403456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-29 11:03 - 2015-06-17 16:13 - 01150264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-29 11:03 - 2015-06-17 15:44 - 01567560 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 02416640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-29 11:03 - 2015-06-15 17:21 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-29 11:03 - 2015-06-15 17:20 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2015-07-29 11:03 - 2015-06-15 17:20 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-29 11:03 - 2015-06-15 17:20 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-29 11:03 - 2015-06-15 17:20 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-29 11:03 - 2015-06-15 17:19 - 02307072 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-29 11:03 - 2015-06-15 17:19 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-29 11:03 - 2015-06-15 17:19 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-29 11:03 - 2015-06-09 15:57 - 03248640 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-29 11:03 - 2015-04-21 15:53 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-07-29 11:00 - 2015-06-11 22:29 - 01302528 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-29 11:00 - 2015-06-11 18:27 - 01024000 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-29 10:59 - 2015-06-29 15:27 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-29 10:59 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-07-29 10:02 - 2015-03-27 10:07 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\cryptcatsvc.dll
2015-07-28 23:17 - 2015-08-18 15:38 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 23:17 - 2015-08-18 15:22 - 00000980 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 15:52 - 2014-02-16 18:03 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Skype
2015-08-18 15:47 - 2012-08-24 09:46 - 00000000 ____D C:\ProgramData\WinClon
2015-08-18 15:43 - 2014-05-21 20:23 - 00000000 ____D C:\ProgramData\Origin
2015-08-18 15:43 - 2014-02-14 12:48 - 00000000 ___RD C:\Users\NP530\Dropbox
2015-08-18 15:42 - 2014-02-14 12:45 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Dropbox
2015-08-18 15:37 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-18 15:36 - 2012-08-24 09:04 - 01607999 _____ C:\windows\WindowsUpdate.log
2015-08-18 15:36 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2015-08-18 15:23 - 2014-02-14 12:47 - 00000000 ____D C:\Users\NP530\AppData\Roaming\ClassicShell
2015-08-18 15:19 - 2015-06-16 23:00 - 00000938 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job
2015-08-18 15:19 - 2012-08-25 01:04 - 00761764 _____ C:\windows\system32\perfh005.dat
2015-08-18 15:19 - 2012-08-25 01:04 - 00165388 _____ C:\windows\system32\perfc005.dat
2015-08-18 15:19 - 2012-07-26 09:28 - 01817950 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-18 15:18 - 2014-02-13 09:23 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1228448097-215964479-906076251-1001
2015-08-18 15:10 - 2015-03-16 00:43 - 05132320 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-18 15:04 - 2015-06-07 04:10 - 1005853670 _____ C:\windows\MEMORY.DMP
2015-08-18 15:04 - 2014-12-15 12:07 - 00000000 ____D C:\windows\system32\appraiser
2015-08-18 15:04 - 2014-07-21 12:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-18 15:04 - 2014-07-21 12:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-18 15:04 - 2014-07-12 18:02 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-18 15:04 - 2012-08-05 23:07 - 00761396 _____ C:\windows\PFRO.log
2015-08-18 15:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 15:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2015-08-18 12:23 - 2014-02-14 23:03 - 00000000 ____D C:\Users\NP530\AppData\Local\Adobe
2015-08-18 00:59 - 2014-02-14 21:34 - 00000000 ____D C:\Users\NP530\AppData\Roaming\uTorrent
2015-08-17 23:32 - 2014-02-14 16:32 - 00000000 ____D C:\Users\NP530\AppData\Roaming\vlc
2015-08-17 23:16 - 2015-06-16 22:59 - 00000886 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job
2015-08-17 19:25 - 2014-09-06 19:30 - 00000000 ____D C:\Users\NP530\AppData\Local\CrashDumps
2015-08-17 18:35 - 2012-07-26 09:59 - 00000000 ____D C:\windows\CbsTemp
2015-08-17 18:28 - 2014-02-15 16:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-17 18:28 - 2012-07-26 07:26 - 00000269 _____ C:\windows\win.ini
2015-08-17 18:26 - 2014-07-21 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-17 18:26 - 2014-02-14 21:32 - 15710720 ___SH C:\Users\NP530\Desktop\Thumbs.db
2015-08-17 18:22 - 2014-02-17 14:42 - 00000000 ____D C:\windows\system32\MRT
2015-08-13 14:34 - 2015-05-18 01:43 - 00000000 ____D C:\Users\NP530\Downloads\Into the Woods (2002 Broadway Revival Cast)
2015-08-13 14:30 - 2015-06-07 18:12 - 00000000 ____D C:\Users\NP530\Downloads\Big Hero 6 (2014) [1080p]
2015-08-03 14:28 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2015-08-03 13:45 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ToastData
2015-07-29 11:05 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2015-07-28 23:17 - 2014-02-14 12:36 - 00003952 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-28 23:17 - 2014-02-14 12:36 - 00003716 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-28 23:13 - 2015-06-16 23:00 - 00003884 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA
2015-07-28 23:13 - 2015-06-16 22:59 - 00003504 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core
2015-07-28 10:59 - 2014-02-17 14:41 - 132483416 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-02-13 09:16 - 2014-02-15 15:07 - 0001508 _____ () C:\Users\NP530\AppData\Roaming\AbsoluteReminder.xml
2014-02-15 00:41 - 2014-02-15 00:41 - 0000132 _____ () C:\Users\NP530\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2014-02-14 23:26 - 2015-05-13 11:38 - 0000132 _____ () C:\Users\NP530\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-03-20 16:04 - 2014-03-20 16:04 - 0000046 _____ () C:\Users\NP530\AppData\Roaming\Camdata.ini
2014-03-20 16:04 - 2014-03-20 16:04 - 0000408 _____ () C:\Users\NP530\AppData\Roaming\CamLayout.ini
2014-03-20 16:04 - 2014-03-20 16:04 - 0000408 _____ () C:\Users\NP530\AppData\Roaming\CamShapes.ini
2014-03-20 16:04 - 2014-03-20 16:04 - 0004535 _____ () C:\Users\NP530\AppData\Roaming\CamStudio.cfg
2014-03-20 16:03 - 2014-03-20 16:03 - 0000096 _____ () C:\Users\NP530\AppData\Roaming\version2.xml
2014-07-17 15:50 - 2014-07-17 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 10:03 - 2012-08-08 06:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 10:03 - 2012-08-07 12:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some files in TEMP:
====================
C:\Users\NP530\AppData\Local\Temp\adks_webssearches_20140820.exe
C:\Users\NP530\AppData\Local\Temp\comver.dll
C:\Users\NP530\AppData\Local\Temp\Deldevice.dll
C:\Users\NP530\AppData\Local\Temp\DelVista.dll
C:\Users\NP530\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphk7tgt.dll
C:\Users\NP530\AppData\Local\Temp\KlipPalSetup.exe
C:\Users\NP530\AppData\Local\Temp\pyl3A20.tmp.exe
C:\Users\NP530\AppData\Local\Temp\pylF90B.tmp.exe
C:\Users\NP530\AppData\Local\Temp\RloJBGoUHaQqwYFGGEPJ.DLL
C:\Users\NP530\AppData\Local\Temp\SIInvoker.exe
C:\Users\NP530\AppData\Local\Temp\sqlite3.dll
C:\Users\NP530\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\NP530\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\NP530\AppData\Local\Temp\xrAnotherRegister.exe
C:\Users\NP530\AppData\Local\Temp\ytd-upgrade.exe
C:\Users\NP530\AppData\Local\Temp\zhhBsiUVgPHeLwdpaxbM.DLL


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-17 00:23




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:414.85 GB) (Free:10.93 GB) NTFS

Available physical RAM: 1575.16 MB
Total physical RAM: 3797.53 MB
Percentage of memory in use: 58%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: C420134B)
Disk: 1 (Size: 22.4 GB) (Disk ID: 1A5912DE)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job => C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job => C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================




===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\NP530\Desktop" je 11 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[oflo]

Tím jsem to projel již odpoledne. Nyní to nic nenalézá. Zde je první log:

# AdwCleaner v5.001 - Logfile created 18/08/2015 at 15:35:52
# Updated 17/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 8 (x64)
# Username : NP530 - NP530U-PC
# Running from : C:\Users\NP530\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

[-] Service Deleted : {be5bf058-a067-4076-8c2e-22b9345a0260}Gw64

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
[-] Folder Deleted : C:\Users\NP530\AppData\Local\Temp\Klip Pal

***** [ Files ] *****

[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage-journal
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_safari-portable.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_safari-portable.en.softonic.com_0.localstorage-journal
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
[-] File Deleted : C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [2746 bytes] - [18/08/2015 15:35:52]
C:\AdwCleaner[S1].txt - [2683 bytes] - [18/08/2015 15:33:07]

########## EOF - C:\AdwCleaner[C1].txt - [2870 bytes] ##########

[Rudy]

Dejte nový log FRST.

[oflo]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by NP530 (administrator) on NP530U-PC (19-08-2015 01:49:23)
Running from C:\Users\NP530\Desktop
Loaded Profiles: NP530 (Available Profiles: NP530)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(PortableApps.com) C:\OperaPortable\OperaPortable.exe
(Opera Software) C:\OperaPortable\App\Opera\opera.exe
() C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(forum.viry.cz) C:\Users\NP530\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Launcher6015N] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2571264 2011-05-19] (Xerox)
HKLM-x32\...\Run: [6015N RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2012-07-16] ()
HKLM-x32\...\Run: [StatusAutoRun6015N] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [3984896 2012-07-16] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [MP3 Skype Recorder] => C:\Users\NP530\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe [1544704 2014-06-27] ()
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [Dropbox Update] => C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [GoogleChromeAutoLaunch_98553AD20699319A411355EAAAAD5E3A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
Startup: C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-08-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\NP530\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk [2014-02-25]
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NP530\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1228448097-215964479-906076251-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKU\S-1-5-21-1228448097-215964479-906076251-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-27] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E4AC0910-DBAB-4E8D-9F4C-4BF25067BAB5}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll [2014-03-28] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll [2014-03-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1228448097-215964479-906076251-1001: RSATom.name/FBVLC -> C:\Users\NP530\AppData\Roaming\RSATom\FBVLC\0.1.5\npFBVLC.dll [2014-06-24] (RSATom)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-23]

Chrome:
=======
CHR Profile: C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-10]
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-01-18]
CHR Extension: (Google Docs) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
CHR Extension: (Google Drive) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
CHR Extension: (YouTube) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
CHR Extension: (Google Search) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-07-23]
CHR Extension: (Nimbus Screen Capture App) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gooiepmnbooemimlnlbijlfoofgjnngn [2014-08-15]
CHR Extension: (Pin It Button) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-01-01]
CHR Extension: (PageArchiver) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkkeoeinpbomhnpkmmkpggkaefincbn [2014-02-14]
CHR Extension: (SingleFile Core) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2014-02-14]
CHR Extension: (rikaikun) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2015-02-26]
CHR Extension: (Webcam Toy) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-02-14]
CHR Extension: (Google Mail Checker) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
CHR Extension: (Hover Zoom) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-02-14]
CHR Extension: (Gmail) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
CHR Extension: (Canvas Rider) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-02-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-24] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-08-14] (Macrovision Europe Ltd.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [565248 2013-10-07] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [96768 2012-07-16] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
S3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi)
R3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 01:49 - 2015-08-19 01:49 - 00025933 _____ C:\Users\NP530\Desktop\FRST.txt
2015-08-19 01:46 - 2015-08-19 01:46 - 00000000 ___SH C:\DkHyperbootSync
2015-08-19 01:09 - 2015-08-19 01:13 - 00000000 ____D C:\Program Files (x86)\AnalogX
2015-08-19 01:07 - 2015-08-19 01:07 - 00721765 _____ (AnalogX, LLC ) C:\Users\NP530\Downloads\vremover.exe
2015-08-19 01:03 - 2015-08-19 01:03 - 00276968 _____ (AnalogX, LLC) C:\Users\NP530\Downloads\vremamp.exe
2015-08-19 01:03 - 2015-08-19 01:03 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2015-08-19 01:03 - 2015-08-19 01:03 - 00000000 ____D C:\Program Files (x86)\Plugins
2015-08-19 00:55 - 2010-09-06 21:14 - 00000000 ____D C:\Users\NP530\Desktop\Kreyson - Anděl na utěku 1990
2015-08-19 00:53 - 2015-08-19 00:55 - 38250666 _____ C:\Users\NP530\Downloads\Kreyson---Anděl-na-utěku-1990.rar
2015-08-19 00:52 - 2015-08-19 00:52 - 15509089 _____ (Recisio ) C:\Users\NP530\Downloads\karafunplayer_2.2.6.223.exe
2015-08-19 00:52 - 2015-08-19 00:52 - 00001030 _____ C:\Users\NP530\Desktop\KaraFun Player 2.lnk
2015-08-19 00:52 - 2015-08-19 00:52 - 00000000 ____D C:\ProgramData\Recisio
2015-08-19 00:52 - 2015-08-19 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2
2015-08-19 00:52 - 2015-08-19 00:52 - 00000000 ____D C:\Program Files (x86)\KaraFun Player 2
2015-08-18 22:59 - 2015-08-18 22:59 - 00002766 _____ C:\windows\system32\AutoPico.log
2015-08-18 22:25 - 2015-08-18 23:36 - 685873152 _____ C:\Users\NP530\Downloads\BORAT-2006-CZ-dab.-Komedie.avi
2015-08-18 20:48 - 2015-08-18 21:28 - 730947491 _____ C:\Users\NP530\Downloads\Bruno.CZ.avi.2009.avi
2015-08-18 20:44 - 2015-08-18 20:45 - 00003397 _____ C:\windows\system32\Service_KMS.log
2015-08-18 20:43 - 2015-08-18 20:43 - 00000927 _____ C:\AdwCleaner[C2].txt
2015-08-18 19:19 - 2015-08-18 19:19 - 00000775 _____ C:\AdwCleaner[S2].txt
2015-08-18 18:58 - 2015-08-18 19:16 - 681270784 _____ C:\Users\NP530\Downloads\Ali-G Indahouse.AVI
2015-08-18 18:58 - 2015-08-18 18:58 - 00013542 _____ C:\Users\NP530\Downloads\[CzT]Ali_G_Indahouse.torrent
2015-08-18 16:02 - 2015-08-18 16:02 - 00016046 _____ C:\Users\NP530\Desktop\Addition.rar
2015-08-18 15:55 - 2015-08-19 01:49 - 00000000 ____D C:\FRST
2015-08-18 15:46 - 2015-08-18 15:46 - 01107968 _____ C:\Users\NP530\Downloads\RSIT.exe
2015-08-18 15:46 - 2015-08-18 15:46 - 00000000 ____D C:\rsit
2015-08-18 15:46 - 2015-08-18 15:46 - 00000000 ____D C:\Program Files\trend micro
2015-08-18 15:45 - 2015-08-18 15:45 - 02173440 _____ (Farbar) C:\Users\NP530\Desktop\FRST64.exe
2015-08-18 15:44 - 2015-08-18 15:45 - 00112640 _____ (forum.viry.cz) C:\Users\NP530\Desktop\FRSTLauncher.exe
2015-08-18 15:44 - 2015-08-18 15:44 - 01222144 _____ C:\Users\NP530\Desktop\RSITx64.exe
2015-08-18 15:35 - 2015-08-18 15:36 - 00002950 _____ C:\AdwCleaner[C1].txt
2015-08-18 15:33 - 2015-08-18 15:34 - 00002683 _____ C:\AdwCleaner[S1].txt
2015-08-18 15:33 - 2015-08-18 15:33 - 00000000 ____D C:\AdwCleaner
2015-08-18 15:32 - 2015-08-18 15:32 - 01573888 _____ C:\Users\NP530\Desktop\AdwCleaner.exe
2015-08-18 15:31 - 2015-08-18 15:31 - 00087775 _____ C:\Users\NP530\Downloads\winupcompat.diagcab
2015-08-18 15:25 - 2015-08-18 15:25 - 00080488 _____ C:\Users\NP530\Downloads\GW10Appdiagnostic.diagcab
2015-08-18 15:11 - 2015-08-08 04:27 - 00793544 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-18 15:11 - 2015-08-08 04:27 - 00177632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-17 20:21 - 2015-08-17 20:50 - 1303768912 _____ C:\Users\NP530\Downloads\Kouř.avi
2015-08-17 20:20 - 2015-08-17 20:21 - 00013081 _____ C:\Users\NP530\Downloads\[CzT]Kour_1990_CZ_.torrent
2015-08-17 19:27 - 2015-08-19 01:41 - 00000745 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-17 19:25 - 2015-08-17 19:25 - 01143096 _____ (TRUE Software ) C:\Users\NP530\Downloads\MyPublicWiFi.exe
2015-08-17 19:25 - 2015-08-17 19:25 - 00001001 _____ C:\Users\Public\Desktop\MyPublicWiFi.lnk
2015-08-17 19:25 - 2015-08-17 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublicWiFi
2015-08-17 19:25 - 2015-08-17 19:25 - 00000000 ____D C:\Program Files (x86)\MyPublicWiFi
2015-08-17 19:25 - 2012-12-07 10:28 - 00030536 _____ (Khalil Azzouzi) C:\windows\system32\Drivers\ndiskhaz.sys
2015-08-17 18:23 - 2015-08-17 18:23 - 00098816 _____ C:\Users\NP530\Downloads\Conec 2015 final.xls
2015-08-16 23:19 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 23:19 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-08-16 23:19 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-16 23:19 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-08-16 23:19 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 23:19 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 23:19 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-16 23:19 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-16 23:18 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 23:18 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 23:18 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 23:18 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 23:18 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 23:18 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 23:18 - 2015-05-12 00:49 - 00527704 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-16 23:17 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 23:17 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 23:17 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-16 23:17 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-16 23:17 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 23:17 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 23:17 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 23:17 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-16 23:17 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 23:17 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 23:17 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 23:17 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 23:17 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 19291648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 23:17 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 23:17 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 23:17 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 23:17 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-08-16 23:17 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-16 23:17 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-16 23:17 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 14383616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-08-16 23:17 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-08-16 23:17 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 23:17 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-16 23:17 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-16 23:17 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 23:17 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 23:17 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-08-16 23:17 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-08-16 23:17 - 2015-06-09 15:09 - 00411133 _____ C:\windows\system32\ApnDatabase.xml
2015-08-16 23:16 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 23:16 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 23:16 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-16 23:16 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 23:16 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 23:16 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 23:16 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-13 14:38 - 2015-08-13 14:38 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-29 11:05 - 2015-06-27 18:36 - 00171352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-29 11:05 - 2015-06-27 15:56 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2015-07-29 11:05 - 2015-06-27 15:55 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-29 11:05 - 2015-06-27 15:55 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 00829952 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 00588800 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2015-07-29 11:05 - 2015-06-27 15:46 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-29 11:05 - 2015-06-27 15:23 - 00694784 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-29 11:05 - 2015-06-25 20:29 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-29 11:05 - 2015-06-25 20:27 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-29 11:04 - 2015-04-30 15:44 - 00478296 _____ C:\windows\SysWOW64\locale.nls
2015-07-29 11:04 - 2015-04-30 15:44 - 00478296 _____ C:\windows\system32\locale.nls
2015-07-29 11:04 - 2015-01-07 06:25 - 00403456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-29 11:03 - 2015-06-17 16:13 - 01150264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-29 11:03 - 2015-06-17 15:44 - 01567560 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 02416640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-29 11:03 - 2015-06-15 17:22 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-29 11:03 - 2015-06-15 17:21 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-29 11:03 - 2015-06-15 17:20 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2015-07-29 11:03 - 2015-06-15 17:20 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-29 11:03 - 2015-06-15 17:20 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-29 11:03 - 2015-06-15 17:20 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-29 11:03 - 2015-06-15 17:19 - 02307072 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-29 11:03 - 2015-06-15 17:19 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-29 11:03 - 2015-06-15 17:19 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-29 11:03 - 2015-06-09 15:57 - 03248640 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-29 11:03 - 2015-04-21 15:53 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-07-29 11:00 - 2015-06-11 22:29 - 01302528 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-29 11:00 - 2015-06-11 18:27 - 01024000 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-29 10:59 - 2015-06-29 15:27 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-29 10:59 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-07-29 10:02 - 2015-03-27 10:07 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\cryptcatsvc.dll
2015-07-28 23:17 - 2015-08-19 01:22 - 00000980 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 23:17 - 2015-08-18 23:22 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 01:46 - 2014-02-16 18:03 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Skype
2015-08-19 01:18 - 2015-06-16 23:00 - 00000938 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job
2015-08-19 01:10 - 2014-02-14 12:47 - 00000000 ____D C:\Users\NP530\AppData\Roaming\ClassicShell
2015-08-19 01:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2015-08-18 23:16 - 2015-06-16 22:59 - 00000886 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job
2015-08-18 22:24 - 2014-02-14 16:32 - 00000000 ____D C:\Users\NP530\AppData\Roaming\vlc
2015-08-18 20:47 - 2014-05-21 20:23 - 00000000 ____D C:\ProgramData\Origin
2015-08-18 20:47 - 2012-08-24 09:46 - 00000000 ____D C:\ProgramData\WinClon
2015-08-18 20:45 - 2014-02-14 12:48 - 00000000 ___RD C:\Users\NP530\Dropbox
2015-08-18 20:45 - 2014-02-14 12:45 - 00000000 ____D C:\Users\NP530\AppData\Roaming\Dropbox
2015-08-18 20:44 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-18 20:42 - 2014-02-14 21:34 - 00000000 ____D C:\Users\NP530\AppData\Roaming\uTorrent
2015-08-18 18:36 - 2012-08-24 09:04 - 01690833 _____ C:\windows\WindowsUpdate.log
2015-08-18 16:25 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2015-08-18 16:15 - 2014-02-13 09:23 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1228448097-215964479-906076251-1001
2015-08-18 15:36 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2015-08-18 15:19 - 2012-08-25 01:04 - 00761764 _____ C:\windows\system32\perfh005.dat
2015-08-18 15:19 - 2012-08-25 01:04 - 00165388 _____ C:\windows\system32\perfc005.dat
2015-08-18 15:19 - 2012-07-26 09:28 - 01817950 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-18 15:10 - 2015-03-16 00:43 - 05132320 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-18 15:05 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-18 15:04 - 2015-06-07 04:10 - 1005853670 _____ C:\windows\MEMORY.DMP
2015-08-18 15:04 - 2014-12-15 12:07 - 00000000 ____D C:\windows\system32\appraiser
2015-08-18 15:04 - 2014-07-21 12:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-18 15:04 - 2014-07-21 12:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-18 15:04 - 2014-07-12 18:02 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-18 15:04 - 2012-08-05 23:07 - 00761396 _____ C:\windows\PFRO.log
2015-08-18 15:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 15:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 12:23 - 2014-02-14 23:03 - 00000000 ____D C:\Users\NP530\AppData\Local\Adobe
2015-08-17 19:25 - 2014-09-06 19:30 - 00000000 ____D C:\Users\NP530\AppData\Local\CrashDumps
2015-08-17 18:35 - 2012-07-26 09:59 - 00000000 ____D C:\windows\CbsTemp
2015-08-17 18:28 - 2014-02-15 16:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-17 18:28 - 2012-07-26 07:26 - 00000269 _____ C:\windows\win.ini
2015-08-17 18:26 - 2014-07-21 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-17 18:26 - 2014-02-14 21:32 - 15710720 ___SH C:\Users\NP530\Desktop\Thumbs.db
2015-08-17 18:22 - 2014-02-17 14:42 - 00000000 ____D C:\windows\system32\MRT
2015-08-13 14:34 - 2015-05-18 01:43 - 00000000 ____D C:\Users\NP530\Downloads\Into the Woods (2002 Broadway Revival Cast)
2015-08-13 14:30 - 2015-06-07 18:12 - 00000000 ____D C:\Users\NP530\Downloads\Big Hero 6 (2014) [1080p]
2015-08-03 13:45 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ToastData
2015-07-29 11:05 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2015-07-28 23:17 - 2014-02-14 12:36 - 00003952 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-28 23:17 - 2014-02-14 12:36 - 00003716 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-28 23:13 - 2015-06-16 23:00 - 00003884 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA
2015-07-28 23:13 - 2015-06-16 22:59 - 00003504 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core
2015-07-28 10:59 - 2014-02-17 14:41 - 132483416 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-02-13 09:16 - 2014-02-15 15:07 - 0001508 _____ () C:\Users\NP530\AppData\Roaming\AbsoluteReminder.xml
2014-02-15 00:41 - 2014-02-15 00:41 - 0000132 _____ () C:\Users\NP530\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2014-02-14 23:26 - 2015-05-13 11:38 - 0000132 _____ () C:\Users\NP530\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-03-20 16:04 - 2014-03-20 16:04 - 0000046 _____ () C:\Users\NP530\AppData\Roaming\Camdata.ini
2014-03-20 16:04 - 2014-03-20 16:04 - 0000408 _____ () C:\Users\NP530\AppData\Roaming\CamLayout.ini
2014-03-20 16:04 - 2014-03-20 16:04 - 0000408 _____ () C:\Users\NP530\AppData\Roaming\CamShapes.ini
2014-03-20 16:04 - 2014-03-20 16:04 - 0004535 _____ () C:\Users\NP530\AppData\Roaming\CamStudio.cfg
2014-03-20 16:03 - 2014-03-20 16:03 - 0000096 _____ () C:\Users\NP530\AppData\Roaming\version2.xml
2014-07-17 15:50 - 2014-07-17 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 10:03 - 2012-08-08 06:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 10:03 - 2012-08-07 12:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some files in TEMP:
====================
C:\Users\NP530\AppData\Local\Temp\adks_webssearches_20140820.exe
C:\Users\NP530\AppData\Local\Temp\comver.dll
C:\Users\NP530\AppData\Local\Temp\Del423B.exe
C:\Users\NP530\AppData\Local\Temp\Deldevice.dll
C:\Users\NP530\AppData\Local\Temp\DelVista.dll
C:\Users\NP530\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv1i2pk.dll
C:\Users\NP530\AppData\Local\Temp\KlipPalSetup.exe
C:\Users\NP530\AppData\Local\Temp\pyl3A20.tmp.exe
C:\Users\NP530\AppData\Local\Temp\pylF90B.tmp.exe
C:\Users\NP530\AppData\Local\Temp\RloJBGoUHaQqwYFGGEPJ.DLL
C:\Users\NP530\AppData\Local\Temp\SIInvoker.exe
C:\Users\NP530\AppData\Local\Temp\sqlite3.dll
C:\Users\NP530\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\NP530\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\NP530\AppData\Local\Temp\xrAnotherRegister.exe
C:\Users\NP530\AppData\Local\Temp\ytd-upgrade.exe
C:\Users\NP530\AppData\Local\Temp\zhhBsiUVgPHeLwdpaxbM.DLL


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-17 00:23




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:414.85 GB) (Free:8.69 GB) NTFS

Available physical RAM: 937.75 MB
Total physical RAM: 3797.53 MB
Percentage of memory in use: 75%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: C420134B)
Disk: 1 (Size: 22.4 GB) (Disk ID: 1A5912DE)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job => C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job => C:\Users\NP530\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================




===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\NP530\Desktop" je 49 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [AdobeBridge] => [X]
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
oolbar: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR Extension: (Pin It Button) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-01-01]
CHR Extension: (rikaikun) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2015-02-26]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\NP530\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[oflo]

Před hodinou mi notebook hodil BSOD. Pustil jsem teď ten fix. Tady je log.


Fix result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by NP530 (2015-08-20 18:51:00) Run:1
Running from C:\Users\NP530\Desktop
Loaded Profiles: NP530 (Available Profiles: NP530)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1228448097-215964479-906076251-1001\...\Run: [AdobeBridge] => [X]
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
oolbar: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR Extension: (Pin It Button) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-01-01]
CHR Extension: (rikaikun) - C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2015-02-26]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\NP530\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1228448097-215964479-906076251-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-1228448097-215964479-906076251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1228448097-215964479-906076251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32FAEADA-2ECA-459A-B64A-5F27D6466687}" => key removed successfully
HKCR\CLSID\{32FAEADA-2ECA-459A-B64A-5F27D6466687} => key not found.
oolbar: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File => Error: No automatic fix found for this entry.
C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic => moved successfully
C:\Users\NP530\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001UA.job => moved successfully
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1228448097-215964479-906076251-1001Core.job => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\MakeMarkerFile.exe => moved successfully
C:\Users\EasySurvey\EasySurvey.exe => moved successfully

"C:\Users\NP530\AppData\Local\Temp" folder move:

Could not move "C:\Users\NP530\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-20 18:53:24)<=

C:\Users\NP530\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:53:24 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[oflo]

Zase to hodilo BSoD, s chybou MEMORY_MANAGEMENT

[Rudy]

Uděšlejte kontrolu RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788 .