Zdravím, prosím o kontrolu, mám podezření na nějakou špatnost, už několik dní se mi z různých zemí snaží někdo lognout do steamu a počítač se značně zpomalil. Předem děkuji =)
FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by Woltagen (administrator) on ABIGAIL (21-08-2015 18:19:42)
Running from C:\Users\Woltagen\Desktop
Loaded Profiles: Woltagen (Available Profiles: Woltagen)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Users\Woltagen\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(forum.viry.cz) C:\Users\Woltagen\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-11] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File not found
Startup: C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2013-01-08]
ShortcutTarget: IMVU.lnk -> C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> 171018428C9811CCCDD770300AE72F44 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> 95D87D7CF4C6371FD29F426EEAF9B3DE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> B498BBEC801673A2E675E7F2E985D7BB URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> E4C2F66B48CDE2F903AB1886D48B6CBF URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> FF743D28E1A652457694111041624D32 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {091AA93D-3D47-4370-BAA1-198E599D56A1} URL =
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=A5DE903E-DCB9-42C2-AA4B-9082DBBF905B&apn_sauid=B7D3B136-4961-4797-98CA-21F2535E48E6
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {675A3A57-DDFA-4FC6-9640-BFFBC60447F3} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Toolbar: HKLM-x32 - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .196.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{0332B9C8-6C79-4962-91AF-6AE8BB5AF772}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-91284999-528624967-1822222337-1001: @my.com/Games -> C:\Users\Woltagen\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-23] (My.com, Inc)
FF Plugin HKU\S-1-5-21-91284999-528624967-1822222337-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Woltagen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-01] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\firmy.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\google-avast.xml [2014-12-30]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\seznam.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\videa.seznam.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yahoo_ff.xml [2014-05-29]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml [2014-09-12]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yqs-barff-yandex.xml [2014-09-12]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\zbozi.cz-164347.xml [2014-09-07]
FF Extension: Visual Bookmarks - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\vb@yandex.ru [2014-09-12]
FF Extension: &Yandex Elements& - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\yasearch@yandex.ru [2014-09-12]
FF Extension: Adblock Plus - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Profile: C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-24]
CHR Extension: (Authenticator) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2014-07-10]
CHR Extension: (YouTube) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-24]
CHR Extension: (Battlefield Heroes) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-02-03]
CHR Extension: (Google Search) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-24]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-05-01]
CHR Extension: (AdBlock) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Battlefield Play4Free) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-02-03]
CHR Extension: (Gmail) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-24]
CHR Profile: C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Domain Error Helper) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj [2015-01-13]
CHR Extension: (Google Search) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (New Tab Assistant) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof [2015-01-13]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2015-01-13]
CHR Extension: (Slick Savings) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-13]
CHR Extension: (Gmail) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-27]
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Woltagen\AppData\Local\Slick Savings\coupons.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-26] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [243728 2012-07-25] (CyberLink)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-02] (Intel Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [14936 2012-08-17] (Intel(R) Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-11] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-11] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-02-22] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-04-08] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [645952 2012-08-16] (Intel Corporation)
R5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-17] (Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [23832 2012-08-14] (Intel Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 KovaPlusFltr; C:\Windows\system32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-11] (AVAST Software)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-17] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-02-22] (Microsoft Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-26] (Avast Software)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-11-10] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 18:19 - 2015-08-21 18:19 - 00038156 _____ C:\Users\Woltagen\Desktop\FRST.txt
2015-08-21 18:19 - 2015-08-21 18:19 - 00000000 ____D C:\FRST
2015-08-21 18:17 - 2015-08-21 18:17 - 00112640 _____ (forum.viry.cz) C:\Users\Woltagen\Desktop\FRSTLauncher.exe
2015-08-21 18:09 - 2015-08-21 18:09 - 02173952 _____ (Farbar) C:\Users\Woltagen\Desktop\FRST64.exe
2015-08-21 17:49 - 2015-08-21 17:49 - 01222144 _____ C:\Users\Woltagen\Desktop\RSITx64.exe
2015-08-21 17:33 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-21 17:32 - 2015-08-21 17:33 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-08-21 17:31 - 2015-08-07 13:06 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-21 17:31 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-21 05:01 - 2015-08-21 05:26 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00001877 _____ C:\Users\Woltagen\Desktop\BitLord.lnk
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\Documents\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\AppData\Local\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Program Files (x86)\BitLord
2015-08-13 16:45 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 22:04 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 22:04 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 22:04 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:04 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 22:03 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-12 22:03 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 22:03 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-12 22:03 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:03 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 22:03 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 22:03 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 22:03 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 22:03 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 22:03 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 22:03 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 22:03 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 22:03 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 22:03 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 22:03 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 22:03 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 22:03 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 22:03 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 22:03 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 22:02 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 22:02 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 22:02 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 22:02 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 22:02 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 22:02 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 22:02 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 22:02 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 22:02 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 22:02 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 22:02 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 22:02 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 22:02 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 22:02 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 22:02 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 22:02 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 22:02 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 22:02 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 22:02 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 22:02 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 22:02 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 22:02 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 15:10 - 2015-08-21 18:19 - 01257557 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-11 04:19 - 2015-08-21 18:17 - 00015803 _____ C:\WINDOWS\setupact.log
2015-08-11 04:19 - 2015-08-11 04:19 - 00001822 _____ C:\WINDOWS\PFRO.log
2015-08-11 04:19 - 2015-08-11 04:19 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-11 03:18 - 2015-08-11 03:18 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18 - 2015-08-11 03:18 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-04 00:46 - 2015-08-04 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 00:46 - 2015-08-04 00:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-08-02 21:56 - 2015-08-02 21:56 - 00000622 _____ C:\Users\Woltagen\Desktop\Trove PTS-US.lnk
2015-08-02 00:47 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:47 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:04 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-02 00:04 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-01 02:38 - 2015-08-01 02:55 - 00000000 ____D C:\Users\Woltagen\Documents\ArcheAge
2015-08-01 02:38 - 2015-08-01 02:38 - 00000000 ____D C:\ArcheAge
2015-07-26 12:41 - 2015-08-11 03:18 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-07-23 17:56 - 2015-07-23 17:56 - 00000122 _____ C:\Users\Woltagen\Desktop\Skyforge My.com.url
2015-07-23 17:56 - 2015-07-23 17:56 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2015-07-23 16:25 - 2015-07-23 16:25 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2015-07-23 16:24 - 2015-08-14 22:14 - 00000000 ____D C:\Users\Woltagen\AppData\Local\MyComGames
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 18:17 - 2012-12-24 19:27 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-21 18:16 - 2014-10-13 21:20 - 00000000 ___RD C:\Users\Woltagen\OneDrive
2015-08-21 18:16 - 2014-03-14 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-21 18:16 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 18:16 - 2012-12-24 19:25 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-21 18:14 - 2014-05-07 16:23 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-21 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-21 17:50 - 2015-01-04 06:38 - 00000000 ____D C:\Program Files\trend micro
2015-08-21 17:48 - 2014-04-28 19:49 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{60FF86FB-E06E-4846-8980-F219021CD6E9}
2015-08-21 17:48 - 2013-02-20 19:46 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-21 17:45 - 2012-12-24 19:35 - 00000000 ___RD C:\Users\Woltagen\Desktop\Blbosti
2015-08-21 17:38 - 2012-12-24 18:52 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-91284999-528624967-1822222337-1001
2015-08-21 17:33 - 2014-03-14 16:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-21 17:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-21 17:15 - 2014-08-13 22:08 - 00000000 ____D C:\Users\Woltagen\AppData\Local\Glyph
2015-08-21 15:48 - 2013-11-14 14:40 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 15:48 - 2013-11-14 14:24 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-21 15:48 - 2013-11-14 14:24 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-19 22:50 - 2013-01-08 18:40 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-19 19:29 - 2013-10-25 15:21 - 00000000 ____D C:\Users\Woltagen\AppData\Local\Battle.net
2015-08-17 04:57 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 00:55 - 2013-05-26 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-15 00:22 - 2015-03-07 12:50 - 00000023 _____ C:\WINDOWS\BlendSettings.ini
2015-08-14 16:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 13:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-14 13:50 - 2013-08-22 16:44 - 00529728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 04:29 - 2015-04-15 22:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 04:29 - 2015-01-28 19:44 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 03:18 - 2012-12-24 19:19 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-13 21:16 - 2013-01-08 18:40 - 00001939 _____ C:\Users\Woltagen\Desktop\IMVU.lnk
2015-08-13 16:45 - 2013-08-25 11:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 16:45 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-13 16:43 - 2012-12-25 09:41 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 16:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 16:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 03:48 - 2013-02-20 19:46 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 03:18 - 2014-05-07 17:27 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-11 03:18 - 2013-12-19 21:59 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-11 03:18 - 2013-03-21 18:59 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-11 03:18 - 2013-03-21 18:59 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-11 03:18 - 2012-12-24 19:20 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-09 14:16 - 2012-12-24 19:27 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 13:06 - 2014-03-14 16:35 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06 - 2014-03-14 16:35 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-07 13:06 - 2013-09-05 03:47 - 17124832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06 - 2013-09-05 03:47 - 14673920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 12513288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 03518248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 03106384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 00033050 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-07 06:34 - 2014-03-14 16:35 - 06883448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 03492144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34 - 2014-03-14 16:35 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-04 01:28 - 2014-03-28 09:27 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57 - 2014-08-13 22:08 - 00000000 ____D C:\ProgramData\Glyph
2015-08-03 12:12 - 2014-03-14 16:35 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-01 18:07 - 2014-03-14 16:34 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-01 18:04 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 03:51 - 2014-03-14 16:37 - 00000000 ____D C:\Users\Woltagen
2015-07-27 13:58 - 2014-10-07 21:04 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58 - 2014-06-20 22:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-27 13:38 - 2014-12-06 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-07-27 13:38 - 2014-12-06 02:32 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-07-25 13:17 - 2015-04-04 15:30 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-24 06:21 - 2015-01-19 23:46 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-07-24 06:21 - 2015-01-19 23:46 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-07-24 06:21 - 2015-01-19 23:46 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2015-01-19 23:46 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
==================== Files in the root of some directories =======
2014-06-19 07:18 - 2014-06-19 07:18 - 0000024 _____ () C:\Users\Woltagen\AppData\Roaming\temp.ini
2015-06-14 19:16 - 2015-06-14 19:16 - 0002690 _____ () C:\Users\Woltagen\AppData\Local\recently-used.xbel
2015-03-06 22:40 - 2015-03-06 23:22 - 0000379 ____H () C:\ProgramData\1-0-0-0.txt
2012-11-16 23:55 - 2012-11-16 23:55 - 0000123 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-09-07 16:43 - 2014-09-07 16:43 - 0004131 _____ () C:\ProgramData\mtbjfghn.xbe
Some files in TEMP:
====================
C:\Users\Woltagen\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Woltagen\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Woltagen\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 15:55
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:118.29 GB) (Free:43.65 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1837.02 GB) (Free:843.26 GB) NTFS
Drive f: (Oblivion) (CDROM) (Total:4.18 GB) (Free:0 GB) UDF
Drive g: (KINGSTON) (Removable) (Total:29.28 GB) (Free:2.84 GB) FAT32
Available physical RAM: 5620.3 MB
Total physical RAM: 8149.88 MB
Percentage of memory in use: 31%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6F16B69F)
Disk: 1 (Size: 1863 GB) (Disk ID: 6F16B6F3)
Disk: 2 (MBR Code: Windows XP) (Size: 29.3 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=29.3 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\Woltagen\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Woltagen\SkyDrive:ms-properties
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Woltagen\Desktop" je 2928 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Podezření
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Podezření
- Přílohy
-
- Addition.zip
- (14.23 KiB) Staženo 44 x
Re: Podezření
RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Woltagen at 2015-08-21 18:23:55
Microsoft Windows 8.1
System drive C: has 45 GB (37%) free of 121 GB
Total RAM: 8150 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:56, on 21. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Woltagen.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: IMVU.lnk = Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .196.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: CyberLink Product - 2012/11/16 14:07:55 (CLKMSVC10_96E434EB) - CyberLink - C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
--
End of file - 11651 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
dashost.exe {c2801f02-6747-4bc5-9abee8503ed8d497}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-65b168bd-3c58-4863-b930-2e775c4c0d25 -SystemEventPortName:HostProcess-26edce87-05fa-434f-a451-41c4fbe28800 -IoCancelEventPortName:HostProcess-ebae4feb-d734-46c4-a88c-6b2fb35c2993 -NonStateChangingEventPortName:HostProcess-c3fce165-8354-47ec-b5b1-ec09f7858561 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db1fc40e-2c91-4806-8048-f83b4e06f9c3 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 947bc72e-951e-4dd1-93cb-66347e087ec6
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
taskeng.exe {866BCB1F-D8C9-49DC-8495-1E4FB2164D3F}
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1256.0.442456622\401871238" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1185 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5560 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.2.180705534\923658173" --font-cache-shared-handle=2208 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.3.1452052564\1581440842" --font-cache-shared-handle=2512 /prefetch:673131151
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.6.287934916\950405133" --font-cache-shared-handle=4920 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.7.2126808593\1578053661" --font-cache-shared-handle=3500 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.8.586902438\1113018911" --font-cache-shared-handle=3452 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.9.1321714372\288751858" --font-cache-shared-handle=3324 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.10.424195540\1577233627" --font-cache-shared-handle=5504 /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "D:\Filmy\Hellboy-2-CZ.avi"
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.13.1915874527\1118709079" --font-cache-shared-handle=6764 /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Woltagen\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\extensions\
vb@yandex.ru
yasearch@yandex.ru
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\
firmy.cz-164347.xml
google-avast.xml
Google.xml
seznam.cz-164347.xml
videa.seznam.cz-164347.xml
yahoo_ff.xml
yandex.xml
yqs-barff-yandex.xml
zbozi.cz-164347.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-07-24 1710568]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
"GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-18 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-11 6109776]
""= []
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-08-03 5579624]
C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-21 18:19:06 ----D---- C:\FRST
2015-08-21 17:33:28 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-08-21 05:01:52 ----D---- C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01:23 ----D---- C:\Program Files (x86)\BitLord
2015-08-13 16:45:42 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45:42 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:03:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-12 22:03:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-12 22:03:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-12 22:02:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-12 22:02:35 ----A---- C:\WINDOWS\notepad.exe
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-11 03:18:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18:53 ----A---- C:\WINDOWS\avastSS.scr
2015-08-04 00:46:30 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12:32 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2015-08-01 02:38:42 ----D---- C:\ArcheAge
2015-07-26 12:41:21 ----A---- C:\WINDOWS\system32\drivers\ngvss.sys
======List of files/folders modified in the last 1 month======
2015-08-21 18:23:56 ----D---- C:\Program Files\trend micro
2015-08-21 18:22:13 ----RD---- C:\WINDOWS\System32
2015-08-21 18:22:13 ----D---- C:\WINDOWS\Inf
2015-08-21 18:22:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 18:20:49 ----D---- C:\WINDOWS\Prefetch
2015-08-21 18:20:16 ----D---- C:\WINDOWS\WinSxS
2015-08-21 18:20:16 ----D---- C:\WINDOWS\CbsTemp
2015-08-21 18:20:16 ----D---- C:\Windows
2015-08-21 18:18:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-21 18:17:43 ----D---- C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-21 18:17:03 ----D---- C:\WINDOWS\Temp
2015-08-21 18:16:01 ----D---- C:\WINDOWS\system32\drivers
2015-08-21 18:16:01 ----D---- C:\ProgramData\NVIDIA
2015-08-21 18:15:59 ----D---- C:\WINDOWS\SysWOW64
2015-08-21 18:14:37 ----D---- C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-21 18:02:00 ----D---- C:\WINDOWS\system32\sru
2015-08-21 17:35:59 ----D---- C:\WINDOWS\system32\config
2015-08-21 17:33:49 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-21 17:33:26 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-21 17:18:57 ----D---- C:\WINDOWS\system32\NDF
2015-08-21 15:55:12 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-21 05:01:31 ----SHD---- C:\WINDOWS\Installer
2015-08-21 05:01:23 ----RD---- C:\Program Files (x86)
2015-08-19 22:50:44 ----D---- C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-18 15:54:17 ----SHD---- C:\System Volume Information
2015-08-15 00:22:17 ----A---- C:\WINDOWS\BlendSettings.ini
2015-08-14 16:20:54 ----D---- C:\WINDOWS\rescache
2015-08-14 16:13:26 ----RSD---- C:\WINDOWS\assembly
2015-08-14 13:58:03 ----D---- C:\WINDOWS\AppReadiness
2015-08-14 04:29:39 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\appraiser
2015-08-14 04:29:39 ----D---- C:\WINDOWS\apppatch
2015-08-14 04:29:39 ----D---- C:\Program Files\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files\Internet Explorer
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 16:45:57 ----HD---- C:\Program Files\WindowsApps
2015-08-13 16:45:24 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 16:43:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-11 15:20:33 ----D---- C:\WINDOWS\debug
2015-08-11 15:10:02 ----D---- C:\WINDOWS\SoftwareDistribution
2015-08-11 03:21:38 ----D---- C:\WINDOWS\Logs
2015-08-11 03:18:56 ----D---- C:\WINDOWS\system32\Tasks
2015-08-11 03:18:48 ----D---- C:\WINDOWS\system32\catroot2
2015-08-09 14:16:14 ----D---- C:\ProgramData\Skype
2015-08-08 15:55:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-08-07 06:34:32 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-08-04 01:28:48 ----D---- C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57:32 ----D---- C:\ProgramData\Glyph
2015-08-01 18:07:18 ----DC---- C:\WINDOWS\Panther
2015-08-01 18:04:47 ----HD---- C:\$Windows.~BT
2015-07-27 13:58:33 ----D---- C:\Program Files (x86)\Common Files
2015-07-27 13:58:25 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58:22 ----D---- C:\Program Files (x86)\Java
2015-07-27 13:38:40 ----D---- C:\WINDOWS\SYSWOW64\vbox
2015-07-27 13:38:40 ----D---- C:\WINDOWS\system32\vbox
2015-07-25 13:17:26 ----SD---- C:\WINDOWS\system32\GWX
2015-07-24 06:21:23 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-07-24 06:21:23 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-07-24 06:21:14 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-07-24 06:21:14 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-08-11 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-08-11 274808]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2015-08-11 115152]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-08-11 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-08-11 447944]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-09-12 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-09-12 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-12 62776]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-08-11 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-08-11 90968]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2012-08-14 23832]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-26 273824]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 e1cexpress;@oem13.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-08-03 45680]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2012-07-17 26432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 KovaPlusFltr;@oem17.inf,%SvcDispName%;ROCCAT Kova[+] Mouse; C:\WINDOWS\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-07 11076216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;@oem77.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 RSUSBSTOR;@oem26.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-14 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-08-11 150672]
S3 androidusb;@oem46.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2015-01-19 21712]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-11 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-08-03 2545512]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-08-03 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-08-12 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-07 410744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-26 4047768]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-02-02 160256]
S2 CLKMSVC10_96E434EB;CyberLink Product - 2012/11/16 14:07:55; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [2012-07-25 243728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-24 148080]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Woltagen at 2015-08-21 18:23:55
Microsoft Windows 8.1
System drive C: has 45 GB (37%) free of 121 GB
Total RAM: 8150 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:56, on 21. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Woltagen.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: IMVU.lnk = Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .196.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: CyberLink Product - 2012/11/16 14:07:55 (CLKMSVC10_96E434EB) - CyberLink - C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
--
End of file - 11651 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
dashost.exe {c2801f02-6747-4bc5-9abee8503ed8d497}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-65b168bd-3c58-4863-b930-2e775c4c0d25 -SystemEventPortName:HostProcess-26edce87-05fa-434f-a451-41c4fbe28800 -IoCancelEventPortName:HostProcess-ebae4feb-d734-46c4-a88c-6b2fb35c2993 -NonStateChangingEventPortName:HostProcess-c3fce165-8354-47ec-b5b1-ec09f7858561 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db1fc40e-2c91-4806-8048-f83b4e06f9c3 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 947bc72e-951e-4dd1-93cb-66347e087ec6
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
taskeng.exe {866BCB1F-D8C9-49DC-8495-1E4FB2164D3F}
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1256.0.442456622\401871238" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1185 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5560 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.2.180705534\923658173" --font-cache-shared-handle=2208 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.3.1452052564\1581440842" --font-cache-shared-handle=2512 /prefetch:673131151
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.6.287934916\950405133" --font-cache-shared-handle=4920 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.7.2126808593\1578053661" --font-cache-shared-handle=3500 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.8.586902438\1113018911" --font-cache-shared-handle=3452 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.9.1321714372\288751858" --font-cache-shared-handle=3324 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.10.424195540\1577233627" --font-cache-shared-handle=5504 /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "D:\Filmy\Hellboy-2-CZ.avi"
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1256.13.1915874527\1118709079" --font-cache-shared-handle=6764 /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Woltagen\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\extensions\
vb@yandex.ru
yasearch@yandex.ru
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\
firmy.cz-164347.xml
google-avast.xml
Google.xml
seznam.cz-164347.xml
videa.seznam.cz-164347.xml
yahoo_ff.xml
yandex.xml
yqs-barff-yandex.xml
zbozi.cz-164347.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-07-24 1710568]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
"GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-18 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-11 6109776]
""= []
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-08-03 5579624]
C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-21 18:19:06 ----D---- C:\FRST
2015-08-21 17:33:28 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-08-21 05:01:52 ----D---- C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01:23 ----D---- C:\Program Files (x86)\BitLord
2015-08-13 16:45:42 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45:42 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:03:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-12 22:03:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-12 22:03:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-12 22:02:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-12 22:02:35 ----A---- C:\WINDOWS\notepad.exe
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-11 03:18:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18:53 ----A---- C:\WINDOWS\avastSS.scr
2015-08-04 00:46:30 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12:32 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2015-08-01 02:38:42 ----D---- C:\ArcheAge
2015-07-26 12:41:21 ----A---- C:\WINDOWS\system32\drivers\ngvss.sys
======List of files/folders modified in the last 1 month======
2015-08-21 18:23:56 ----D---- C:\Program Files\trend micro
2015-08-21 18:22:13 ----RD---- C:\WINDOWS\System32
2015-08-21 18:22:13 ----D---- C:\WINDOWS\Inf
2015-08-21 18:22:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 18:20:49 ----D---- C:\WINDOWS\Prefetch
2015-08-21 18:20:16 ----D---- C:\WINDOWS\WinSxS
2015-08-21 18:20:16 ----D---- C:\WINDOWS\CbsTemp
2015-08-21 18:20:16 ----D---- C:\Windows
2015-08-21 18:18:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-21 18:17:43 ----D---- C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-21 18:17:03 ----D---- C:\WINDOWS\Temp
2015-08-21 18:16:01 ----D---- C:\WINDOWS\system32\drivers
2015-08-21 18:16:01 ----D---- C:\ProgramData\NVIDIA
2015-08-21 18:15:59 ----D---- C:\WINDOWS\SysWOW64
2015-08-21 18:14:37 ----D---- C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-21 18:02:00 ----D---- C:\WINDOWS\system32\sru
2015-08-21 17:35:59 ----D---- C:\WINDOWS\system32\config
2015-08-21 17:33:49 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-21 17:33:26 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-21 17:18:57 ----D---- C:\WINDOWS\system32\NDF
2015-08-21 15:55:12 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-21 05:01:31 ----SHD---- C:\WINDOWS\Installer
2015-08-21 05:01:23 ----RD---- C:\Program Files (x86)
2015-08-19 22:50:44 ----D---- C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-18 15:54:17 ----SHD---- C:\System Volume Information
2015-08-15 00:22:17 ----A---- C:\WINDOWS\BlendSettings.ini
2015-08-14 16:20:54 ----D---- C:\WINDOWS\rescache
2015-08-14 16:13:26 ----RSD---- C:\WINDOWS\assembly
2015-08-14 13:58:03 ----D---- C:\WINDOWS\AppReadiness
2015-08-14 04:29:39 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\appraiser
2015-08-14 04:29:39 ----D---- C:\WINDOWS\apppatch
2015-08-14 04:29:39 ----D---- C:\Program Files\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files\Internet Explorer
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 16:45:57 ----HD---- C:\Program Files\WindowsApps
2015-08-13 16:45:24 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 16:43:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-11 15:20:33 ----D---- C:\WINDOWS\debug
2015-08-11 15:10:02 ----D---- C:\WINDOWS\SoftwareDistribution
2015-08-11 03:21:38 ----D---- C:\WINDOWS\Logs
2015-08-11 03:18:56 ----D---- C:\WINDOWS\system32\Tasks
2015-08-11 03:18:48 ----D---- C:\WINDOWS\system32\catroot2
2015-08-09 14:16:14 ----D---- C:\ProgramData\Skype
2015-08-08 15:55:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-08-07 06:34:32 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-08-04 01:28:48 ----D---- C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57:32 ----D---- C:\ProgramData\Glyph
2015-08-01 18:07:18 ----DC---- C:\WINDOWS\Panther
2015-08-01 18:04:47 ----HD---- C:\$Windows.~BT
2015-07-27 13:58:33 ----D---- C:\Program Files (x86)\Common Files
2015-07-27 13:58:25 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58:22 ----D---- C:\Program Files (x86)\Java
2015-07-27 13:38:40 ----D---- C:\WINDOWS\SYSWOW64\vbox
2015-07-27 13:38:40 ----D---- C:\WINDOWS\system32\vbox
2015-07-25 13:17:26 ----SD---- C:\WINDOWS\system32\GWX
2015-07-24 06:21:23 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-07-24 06:21:23 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-07-24 06:21:14 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-07-24 06:21:14 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-08-11 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-08-11 274808]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2015-08-11 115152]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-08-11 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-08-11 447944]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-09-12 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-09-12 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-12 62776]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-08-11 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-08-11 90968]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2012-08-14 23832]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-26 273824]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 e1cexpress;@oem13.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-08-03 45680]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2012-07-17 26432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 KovaPlusFltr;@oem17.inf,%SvcDispName%;ROCCAT Kova[+] Mouse; C:\WINDOWS\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-07 11076216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;@oem77.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 RSUSBSTOR;@oem26.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-14 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-08-11 150672]
S3 androidusb;@oem46.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2015-01-19 21712]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-11 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-08-03 2545512]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-08-03 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-08-12 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-07 410744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-26 4047768]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-02-02 160256]
S2 CLKMSVC10_96E434EB;CyberLink Product - 2012/11/16 14:07:55; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [2012-07-25 243728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-24 148080]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
-----------------EOF-----------------
Re: Podezření
Zdravim 
Priste dejte na zacatek jen jeden log. Kdyz si hned sam odpovite, trva dele, nez vas nekdo objevi.
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Priste dejte na zacatek jen jeden log. Kdyz si hned sam odpovite, trva dele, nez vas nekdo objevi. Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Podezření
Omlouvám se, příště tak udělám Než jste odpověděl, projel jsem PC Esetem a našel mi nějaké tři špatnosti, dvě z toho byly "Spigot". Výsledky MBAMu přikládám.
Než jste odpověděl, projel jsem PC Esetem a našel mi nějaké tři špatnosti, dvě z toho byly "Spigot". Výsledky MBAMu přikládám.----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/08/23 19:19:11
-- Controller Map ----------------------------------------------------------
+ Řadič Intel(R) SATA diskového pole RAID pro čipovou sadu Desktop/Workstation/Server Express [SCSI]
- LITEONIT LCT-128M3S
- ST2000DM001-9YN164
- ATAPI BD E DH12E3SH
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) LITEONIT LCT-128M3S : 128,0 GB [0/0/0, pd1]
(2) LITEONIT LCT-128M3S : 128,0 GB [0/0/-1, cs]
(3) ST2000DM001-9YN164 : 2000,3 GB [1/0/0, pd1]
(4) ST2000DM001-9YN164 : 2000,3 GB [1/0/-1, cs] - st
----------------------------------------------------------------------------
(1) LITEONIT LCT-128M3S
----------------------------------------------------------------------------
Model : LITEONIT LCT-128M3S
Firmware : VAC8
Serial Number : 002236110521
Disk Size : 128,0 GB (8,4/128,0/128,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 250069680
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA/ATAPI-7 T13 1532D version 4a
Transfer Mode : SATA/600
Power On Hours : Neznámy údaj
Power On Count : Neznámy údaj
Temparature : Neznámy údaj
Health Status : Neznámý
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3030 3232 3336 3131 3035 2020 2020 2020 2020 2020
020: 0000 0000 0000 5641 4338 2020 2020 4C49 5445 4F4E
030: 4954 204C 4354 2D31 3238 5320 5320 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0000 0000 0007 3FFF 003F 003F FC10 00FB 0101
060: C2B0 0EE7 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 070E 070E 0000 004C 0048
080: 01FE 0021 346B 7D01 4123 BC01 BC01 4123 407F 0003
090: 0003 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: C2B0 0EE7 0000 0000 0000 4000 4000 0000 5000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 1035 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9BA5
----------------------------------------------------------------------------
(2) LITEONIT LCT-128M3S
----------------------------------------------------------------------------
Model : LITEONIT LCT-128M3S
Firmware : VAC8
Serial Number : 002236110521
Disk Size : 128,0 GB (8,4/128,0/128,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 250069680
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA/ATAPI-7 T13 1532D version 4a
Transfer Mode : SATA/600
Power On Hours : 3074 hod.
Power On Count : 1749 krát
Temparature : Neznámy údaj
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _70 000000000000 Počet chyb čtení
05 100 100 __0 000000000000 Počet přemapovaných sektorů
09 100 100 __0 000000000C02 Hodin v činnosti
0C 100 100 __0 0000000006D5 Počet cyklů zapnutí zařízení
B2 100 100 __0 000000000009 Neznámý
BB 100 100 __0 000000000013 Specifický pro výrobce
C0 100 100 __0 000000000007 Unsafe Shutdown Count
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3030 3232 3336 3131 3035 2020 2020 2020 2020 2020
020: 0000 0000 0000 5641 4338 2020 2020 4C49 5445 4F4E
030: 4954 204C 4354 2D31 3238 5320 5320 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0000 0000 0007 3FFF 003F 003F FC10 00FB 0101
060: C2B0 0EE7 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 070E 070E 0000 004C 0048
080: 01FE 0021 346B 7D01 4123 BC01 BC01 4123 407F 0003
090: 0003 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: C2B0 0EE7 0000 0000 0000 4000 4000 0000 5000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 1035 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9BA5
----------------------------------------------------------------------------
(3) ST2000DM001-9YN164
----------------------------------------------------------------------------
Model : ST2000DM001-9YN164
Firmware : CC4B
Serial Number : Z1E1CE9G
Disk Size : 2000,3 GB (8,4/137,4/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600
Power On Hours : Neznámy údaj
Power On Count : Neznámy údaj
Temparature : Neznámy údaj
Health Status : Neznámý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 5A31 5A31 4531 4345 3947
020: 0000 0000 0004 4343 3442 2020 2020 5354 3230 3030
030: 444D 3030 312D 3959 4E31 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 850E 850E 0006 004C 0048
080: 01F0 0029 346B 7D09 4163 BC09 BC09 4163 407F 0068
090: 0068 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 6003 6003 0000 5000 C500
110: 4E46 5396 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 88B0
130: E8E0 88B0 E8E0 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 007F 007F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5800 89E0
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 3085 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 55A5
----------------------------------------------------------------------------
(4) ST2000DM001-9YN164
----------------------------------------------------------------------------
Model : ST2000DM001-9YN164
Firmware : CC4B
Serial Number : Z1E1CE9G
Disk Size : 2000,3 GB (8,4/137,4/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600
Power On Hours : 10307 hod.
Power On Count : 1750 krát
Host Reads : 46991502 GB
Host Writes : 51956318 GB
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 120 _99 __6 0000001B0DD0 Počet chyb čtení
03 _95 _94 __0 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000DE9 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _77 _60 _30 00000319D895 Počet chybných hledání
09 _89 _89 __0 000000002843 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000006D6 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _97 __0 000300030003 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _62 _51 _45 000226180026 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000012 Počet vypnutí disku
C1 _52 _52 __0 0000000179A9 Počet cyklů načítání/vymazání
C2 _38 _49 __0 800000000026 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 C8FB0000170F Čas nastavování hlaviček - v hodinách
F1 100 253 __0 63194BC50524 Total LBAs Written
F2 100 253 __0 59A111C88EBA Total LBAs Read
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 5A31 5A31 4531 4345 3947
020: 0000 0000 0004 4343 3442 2020 2020 5354 3230 3030
030: 444D 3030 312D 3959 4E31 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 850E 850E 0006 004C 0048
080: 01F0 0029 346B 7D09 4163 BC09 BC09 4163 407F 0068
090: 0068 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 6003 6003 0000 5000 C500
110: 4E46 5396 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 88B0
130: E8E0 88B0 E8E0 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 007F 007F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5800 89E0
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 3085 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 55A5
# AdwCleaner v5.003 - Logfile created 23/08/2015 at 19:22:15
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Woltagen - ABIGAIL
# Running from : C:\Users\Woltagen\Downloads\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\Application Updater
[-] Folder Deleted : C:\Program Files (x86)\eSupport.com
[-] Folder Deleted : C:\Users\Woltagen\AppData\Local\eSupport.com
[-] Folder Deleted : C:\Users\Woltagen\AppData\Local\Slick Savings
[-] Folder Deleted : C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
[-] Folder Deleted : C:\Users\Woltagen\AppData\LocalLow\Search Settings
[-] Folder Deleted : C:\Users\Woltagen\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\yasearch@yandex.ru
[-] Folder Deleted : C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\vb@yandex.ru
***** [ Files ] *****
[-] File Deleted : C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.spigotmc.org_0.localstorage
[-] File Deleted : C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.spigotmc.org_0.localstorage-journal
[-] File Deleted : C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yahoo_ff.xml
[-] File Deleted : C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yqs-barff-yandex.xml
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\pc-mechanic
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKCU\Software\Search Settings
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\IObit Apps
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
[-] Key Deleted : HKCU\Software\AppDataLow\Software\IObit Apps
[-] Key Deleted : HKLM\SOFTWARE\Application Updater
[-] Key Deleted : HKLM\SOFTWARE\Search Settings
[-] Key Deleted : HKLM\SOFTWARE\IObit Apps
[!] Key Not Deleted : [x64] HKCU\Software\eSupport.com
[!] Key Not Deleted : [x64] HKCU\Software\Search Settings
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\IObit Apps
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5072 bytes] ##########
- Přílohy
-
- Výsledky.zip
- (1.47 KiB) Staženo 43 x
Re: Podezření
Nedavejte prosim logy do Quote, spatne se to cte
Jinak to, ze si nemate sam odpovidat, plati jen o uvodnim prispevku pri zalozeni tematu. Kdyz uz se vas nekdo ujme, pak uz davejte vsechny logy primo sem a klidne je rozdelte do vice prispevku. Je to pro nas prehlednejsi a lip se s nimi pak pracuje.
Nalezy MBAM nechte odstranit, pak muzete MBAM odinstalovat.
Dejte nove logy z RSIT i FRST
Jinak to, ze si nemate sam odpovidat, plati jen o uvodnim prispevku pri zalozeni tematu. Kdyz uz se vas nekdo ujme, pak uz davejte vsechny logy primo sem a klidne je rozdelte do vice prispevku. Je to pro nas prehlednejsi a lip se s nimi pak pracuje.
Nalezy MBAM nechte odstranit, pak muzete MBAM odinstalovat. Dejte nove logy z RSIT i FRSTPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Podezření
Jej, koukám že to kazím vším co se dá, omlouvám se 
Nálezy odstraněny a MBAM odinstalován.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by Woltagen (administrator) on ABIGAIL (24-08-2015 14:55:08)
Running from C:\Users\Woltagen\Desktop
Loaded Profiles: Woltagen (Available Profiles: Woltagen)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Woltagen\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-11] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File not found
Startup: C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2013-01-08]
ShortcutTarget: IMVU.lnk -> C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> 171018428C9811CCCDD770300AE72F44 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> 95D87D7CF4C6371FD29F426EEAF9B3DE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> B498BBEC801673A2E675E7F2E985D7BB URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> FF743D28E1A652457694111041624D32 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {091AA93D-3D47-4370-BAA1-198E599D56A1} URL =
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=A5DE903E-DCB9-42C2-AA4B-9082DBBF905B&apn_sauid=B7D3B136-4961-4797-98CA-21F2535E48E6
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {675A3A57-DDFA-4FC6-9640-BFFBC60447F3} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .196.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{0332B9C8-6C79-4962-91AF-6AE8BB5AF772}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-91284999-528624967-1822222337-1001: @my.com/Games -> C:\Users\Woltagen\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-23] (My.com, Inc)
FF Plugin HKU\S-1-5-21-91284999-528624967-1822222337-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Woltagen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-01] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\firmy.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\google-avast.xml [2014-12-30]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\seznam.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\videa.seznam.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml [2014-09-12]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\zbozi.cz-164347.xml [2014-09-07]
FF Extension: Adblock Plus - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Profile: C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-24]
CHR Extension: (Authenticator) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2014-07-10]
CHR Extension: (YouTube) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-24]
CHR Extension: (Battlefield Heroes) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-02-03]
CHR Extension: (Google Search) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-24]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-05-01]
CHR Extension: (AdBlock) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-24]
CHR Profile: C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Domain Error Helper) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj [2015-01-13]
CHR Extension: (Google Search) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (New Tab Assistant) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof [2015-01-13]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2015-01-13]
CHR Extension: (Slick Savings) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-13]
CHR Extension: (Gmail) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-26] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [243728 2012-07-25] (CyberLink)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-02] (Intel Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [14936 2012-08-17] (Intel(R) Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-11] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-11] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-02-22] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-04-08] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [645952 2012-08-16] (Intel Corporation)
R5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-17] (Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [23832 2012-08-14] (Intel Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 KovaPlusFltr; C:\Windows\system32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-11] (AVAST Software)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-17] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-02-22] (Microsoft Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-26] (Avast Software)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-11-10] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-24 14:55 - 2015-08-24 14:55 - 00036025 _____ C:\Users\Woltagen\Desktop\FRST.txt
2015-08-24 14:54 - 2015-08-24 14:54 - 00029696 _____ C:\Users\Woltagen\AppData\Local\MSGBOX.EXE
2015-08-24 14:54 - 2015-08-24 14:54 - 00015327 _____ C:\Users\Woltagen\Desktop\LM.bat
2015-08-24 14:53 - 2015-08-24 14:53 - 00112640 _____ (forum.viry.cz) C:\Users\Woltagen\Desktop\FRSTLauncher.exe
2015-08-23 21:35 - 2015-08-24 14:53 - 00000000 ____D C:\Users\Woltagen\Desktop\Údržba
2015-08-23 19:28 - 2015-08-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:27 - 2015-08-23 19:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-23 19:21 - 2015-08-23 19:22 - 00000000 ____D C:\AdwCleaner
2015-08-23 19:20 - 2015-08-23 19:20 - 01605632 _____ C:\Users\Woltagen\Downloads\adwcleaner_5.003.exe
2015-08-23 19:18 - 2015-08-23 19:18 - 01496172 _____ C:\Users\Woltagen\Downloads\CrystalDiskInfo5_0_0.zip
2015-08-23 16:48 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-23 16:48 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-21 18:19 - 2015-08-24 14:55 - 00000000 ____D C:\FRST
2015-08-21 18:09 - 2015-08-21 18:09 - 02173952 _____ (Farbar) C:\Users\Woltagen\Desktop\FRST64.exe
2015-08-21 17:33 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-21 17:31 - 2015-08-07 13:06 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-21 17:31 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-21 05:01 - 2015-08-21 05:26 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00001877 _____ C:\Users\Woltagen\Desktop\BitLord.lnk
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\Documents\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\AppData\Local\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Program Files (x86)\BitLord
2015-08-13 16:45 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 22:04 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 22:04 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 22:04 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:04 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 22:03 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 22:03 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:03 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 22:03 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 22:03 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 22:03 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 22:03 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 22:03 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 22:03 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 22:03 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 22:03 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 22:03 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 22:03 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 22:03 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 22:03 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 22:03 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 22:03 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 22:02 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 22:02 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 22:02 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 22:02 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 22:02 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 22:02 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 22:02 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 22:02 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 22:02 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 22:02 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 22:02 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 22:02 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 22:02 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 22:02 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 22:02 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 22:02 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 22:02 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 22:02 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 22:02 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 22:02 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 22:02 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 22:02 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 15:10 - 2015-08-24 14:47 - 01705148 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-11 04:19 - 2015-08-23 19:23 - 00017525 _____ C:\WINDOWS\setupact.log
2015-08-11 04:19 - 2015-08-11 04:19 - 00001822 _____ C:\WINDOWS\PFRO.log
2015-08-11 04:19 - 2015-08-11 04:19 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-11 03:18 - 2015-08-11 03:18 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18 - 2015-08-11 03:18 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-04 00:46 - 2015-08-04 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 00:46 - 2015-08-04 00:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-08-02 21:56 - 2015-08-02 21:56 - 00000622 _____ C:\Users\Woltagen\Desktop\Trove PTS-US.lnk
2015-08-02 00:47 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:47 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:04 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-02 00:04 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-01 02:38 - 2015-08-01 02:55 - 00000000 ____D C:\Users\Woltagen\Documents\ArcheAge
2015-08-01 02:38 - 2015-08-01 02:38 - 00000000 ____D C:\ArcheAge
2015-07-26 12:41 - 2015-08-11 03:18 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-24 14:55 - 2012-12-24 18:52 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-91284999-528624967-1822222337-1001
2015-08-24 14:51 - 2015-01-04 06:38 - 00000000 ____D C:\Program Files\trend micro
2015-08-24 14:48 - 2014-04-28 19:49 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{60FF86FB-E06E-4846-8980-F219021CD6E9}
2015-08-24 14:48 - 2013-02-20 19:46 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-24 14:46 - 2012-12-24 19:27 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-24 14:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-24 05:44 - 2014-08-13 22:08 - 00000000 ____D C:\Users\Woltagen\AppData\Local\Glyph
2015-08-24 04:47 - 2013-10-25 15:21 - 00000000 ____D C:\Users\Woltagen\AppData\Local\Battle.net
2015-08-24 03:23 - 2014-05-07 16:23 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-23 23:55 - 2012-12-24 19:25 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-23 19:29 - 2013-11-14 14:40 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 19:29 - 2013-11-14 14:24 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-23 19:29 - 2013-11-14 14:24 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-23 19:23 - 2014-10-13 21:20 - 00000000 ____D C:\Users\Woltagen\OneDrive
2015-08-23 19:23 - 2014-03-14 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-23 19:23 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-23 19:22 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-23 16:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-23 16:48 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-23 02:13 - 2012-12-24 19:35 - 00000000 ___RD C:\Users\Woltagen\Desktop\Blbosti
2015-08-21 20:30 - 2013-01-08 18:40 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-21 17:33 - 2014-03-14 16:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-16 00:55 - 2013-05-26 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-15 00:22 - 2015-03-07 12:50 - 00000023 _____ C:\WINDOWS\BlendSettings.ini
2015-08-14 22:14 - 2015-07-23 16:24 - 00000000 ____D C:\Users\Woltagen\AppData\Local\MyComGames
2015-08-14 16:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 13:50 - 2013-08-22 16:44 - 00529728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 04:29 - 2015-04-15 22:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 04:29 - 2015-01-28 19:44 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 03:18 - 2012-12-24 19:19 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-13 21:16 - 2013-01-08 18:40 - 00001939 _____ C:\Users\Woltagen\Desktop\IMVU.lnk
2015-08-13 16:45 - 2013-08-25 11:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 16:43 - 2012-12-25 09:41 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 16:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 16:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 03:48 - 2013-02-20 19:46 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 03:18 - 2014-05-07 17:27 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-11 03:18 - 2013-12-19 21:59 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-11 03:18 - 2013-03-21 18:59 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-11 03:18 - 2013-03-21 18:59 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-11 03:18 - 2012-12-24 19:20 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-09 14:16 - 2012-12-24 19:27 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 13:06 - 2014-03-14 16:35 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06 - 2014-03-14 16:35 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-07 13:06 - 2013-09-05 03:47 - 17124832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06 - 2013-09-05 03:47 - 14673920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 12513288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 03518248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 03106384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 00033050 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-07 06:34 - 2014-03-14 16:35 - 06883448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 03492144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34 - 2014-03-14 16:35 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-04 01:28 - 2014-03-28 09:27 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57 - 2014-08-13 22:08 - 00000000 ____D C:\ProgramData\Glyph
2015-08-03 12:12 - 2014-03-14 16:35 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-01 18:07 - 2014-03-14 16:34 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-01 18:04 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 03:51 - 2014-03-14 16:37 - 00000000 ____D C:\Users\Woltagen
2015-07-27 13:58 - 2014-10-07 21:04 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58 - 2014-06-20 22:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-27 13:38 - 2014-12-06 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-07-27 13:38 - 2014-12-06 02:32 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-07-25 13:17 - 2015-04-04 15:30 - 00000000 ___SD C:\WINDOWS\system32\GWX
==================== Files in the root of some directories =======
2014-06-19 07:18 - 2014-06-19 07:18 - 0000024 _____ () C:\Users\Woltagen\AppData\Roaming\temp.ini
2015-08-24 14:54 - 2015-08-24 14:54 - 0029696 _____ () C:\Users\Woltagen\AppData\Local\MSGBOX.EXE
2015-06-14 19:16 - 2015-06-14 19:16 - 0002690 _____ () C:\Users\Woltagen\AppData\Local\recently-used.xbel
2015-03-06 22:40 - 2015-03-06 23:22 - 0000379 ____H () C:\ProgramData\1-0-0-0.txt
2012-11-16 23:55 - 2012-11-16 23:55 - 0000123 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-09-07 16:43 - 2014-09-07 16:43 - 0004131 _____ () C:\ProgramData\mtbjfghn.xbe
Some files in TEMP:
====================
C:\Users\Woltagen\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Woltagen\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Woltagen\AppData\Local\Temp\nvStInst.exe
C:\Users\Woltagen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-24 05:52
==================== End of log ============================
Nálezy odstraněny a MBAM odinstalován.Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by Woltagen (administrator) on ABIGAIL (24-08-2015 14:55:08)
Running from C:\Users\Woltagen\Desktop
Loaded Profiles: Woltagen (Available Profiles: Woltagen)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Woltagen\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-11] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File not found
Startup: C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2013-01-08]
ShortcutTarget: IMVU.lnk -> C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woltagen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> 171018428C9811CCCDD770300AE72F44 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> 95D87D7CF4C6371FD29F426EEAF9B3DE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> B498BBEC801673A2E675E7F2E985D7BB URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> FF743D28E1A652457694111041624D32 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {091AA93D-3D47-4370-BAA1-198E599D56A1} URL =
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=A5DE903E-DCB9-42C2-AA4B-9082DBBF905B&apn_sauid=B7D3B136-4961-4797-98CA-21F2535E48E6
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {675A3A57-DDFA-4FC6-9640-BFFBC60447F3} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .196.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{0332B9C8-6C79-4962-91AF-6AE8BB5AF772}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-91284999-528624967-1822222337-1001: @my.com/Games -> C:\Users\Woltagen\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-23] (My.com, Inc)
FF Plugin HKU\S-1-5-21-91284999-528624967-1822222337-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Woltagen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-01] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\firmy.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\google-avast.xml [2014-12-30]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\seznam.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\videa.seznam.cz-164347.xml [2014-09-07]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml [2014-09-12]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\zbozi.cz-164347.xml [2014-09-07]
FF Extension: Adblock Plus - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Profile: C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-24]
CHR Extension: (Authenticator) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2014-07-10]
CHR Extension: (YouTube) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-24]
CHR Extension: (Battlefield Heroes) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-02-03]
CHR Extension: (Google Search) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-24]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-05-01]
CHR Extension: (AdBlock) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-24]
CHR Profile: C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Domain Error Helper) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj [2015-01-13]
CHR Extension: (Google Search) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (New Tab Assistant) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof [2015-01-13]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2015-01-13]
CHR Extension: (Slick Savings) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-13]
CHR Extension: (Gmail) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-26] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [243728 2012-07-25] (CyberLink)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-02] (Intel Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [14936 2012-08-17] (Intel(R) Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-11] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-11] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-02-22] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-04-08] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [645952 2012-08-16] (Intel Corporation)
R5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-17] (Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [23832 2012-08-14] (Intel Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 KovaPlusFltr; C:\Windows\system32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-11] (AVAST Software)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-17] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-02-22] (Microsoft Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-26] (Avast Software)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-11-10] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-24 14:55 - 2015-08-24 14:55 - 00036025 _____ C:\Users\Woltagen\Desktop\FRST.txt
2015-08-24 14:54 - 2015-08-24 14:54 - 00029696 _____ C:\Users\Woltagen\AppData\Local\MSGBOX.EXE
2015-08-24 14:54 - 2015-08-24 14:54 - 00015327 _____ C:\Users\Woltagen\Desktop\LM.bat
2015-08-24 14:53 - 2015-08-24 14:53 - 00112640 _____ (forum.viry.cz) C:\Users\Woltagen\Desktop\FRSTLauncher.exe
2015-08-23 21:35 - 2015-08-24 14:53 - 00000000 ____D C:\Users\Woltagen\Desktop\Údržba
2015-08-23 19:28 - 2015-08-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:27 - 2015-08-23 19:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-23 19:21 - 2015-08-23 19:22 - 00000000 ____D C:\AdwCleaner
2015-08-23 19:20 - 2015-08-23 19:20 - 01605632 _____ C:\Users\Woltagen\Downloads\adwcleaner_5.003.exe
2015-08-23 19:18 - 2015-08-23 19:18 - 01496172 _____ C:\Users\Woltagen\Downloads\CrystalDiskInfo5_0_0.zip
2015-08-23 16:48 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-23 16:48 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-21 18:19 - 2015-08-24 14:55 - 00000000 ____D C:\FRST
2015-08-21 18:09 - 2015-08-21 18:09 - 02173952 _____ (Farbar) C:\Users\Woltagen\Desktop\FRST64.exe
2015-08-21 17:33 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-21 17:31 - 2015-08-07 13:06 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-21 17:31 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-21 05:01 - 2015-08-21 05:26 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00001877 _____ C:\Users\Woltagen\Desktop\BitLord.lnk
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\Documents\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Users\Woltagen\AppData\Local\BitLord
2015-08-21 05:01 - 2015-08-21 05:01 - 00000000 ____D C:\Program Files (x86)\BitLord
2015-08-13 16:45 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 22:04 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 22:04 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 22:04 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:04 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 22:03 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 22:03 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:03 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 22:03 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 22:03 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 22:03 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 22:03 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 22:03 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 22:03 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 22:03 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 22:03 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 22:03 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 22:03 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 22:03 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 22:03 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 22:03 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 22:03 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 22:02 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 22:02 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 22:02 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 22:02 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 22:02 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 22:02 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 22:02 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 22:02 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 22:02 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 22:02 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 22:02 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 22:02 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 22:02 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 22:02 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 22:02 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 22:02 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 22:02 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 22:02 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 22:02 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 22:02 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 22:02 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 22:02 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 15:10 - 2015-08-24 14:47 - 01705148 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-11 04:19 - 2015-08-23 19:23 - 00017525 _____ C:\WINDOWS\setupact.log
2015-08-11 04:19 - 2015-08-11 04:19 - 00001822 _____ C:\WINDOWS\PFRO.log
2015-08-11 04:19 - 2015-08-11 04:19 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-11 03:18 - 2015-08-11 03:18 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18 - 2015-08-11 03:18 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-04 00:46 - 2015-08-04 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 00:46 - 2015-08-04 00:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-08-02 21:56 - 2015-08-02 21:56 - 00000622 _____ C:\Users\Woltagen\Desktop\Trove PTS-US.lnk
2015-08-02 00:47 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:47 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:04 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-02 00:04 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-01 02:38 - 2015-08-01 02:55 - 00000000 ____D C:\Users\Woltagen\Documents\ArcheAge
2015-08-01 02:38 - 2015-08-01 02:38 - 00000000 ____D C:\ArcheAge
2015-07-26 12:41 - 2015-08-11 03:18 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-24 14:55 - 2012-12-24 18:52 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-91284999-528624967-1822222337-1001
2015-08-24 14:51 - 2015-01-04 06:38 - 00000000 ____D C:\Program Files\trend micro
2015-08-24 14:48 - 2014-04-28 19:49 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{60FF86FB-E06E-4846-8980-F219021CD6E9}
2015-08-24 14:48 - 2013-02-20 19:46 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-24 14:46 - 2012-12-24 19:27 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-24 14:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-24 05:44 - 2014-08-13 22:08 - 00000000 ____D C:\Users\Woltagen\AppData\Local\Glyph
2015-08-24 04:47 - 2013-10-25 15:21 - 00000000 ____D C:\Users\Woltagen\AppData\Local\Battle.net
2015-08-24 03:23 - 2014-05-07 16:23 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-23 23:55 - 2012-12-24 19:25 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-23 19:29 - 2013-11-14 14:40 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 19:29 - 2013-11-14 14:24 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-23 19:29 - 2013-11-14 14:24 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-23 19:23 - 2014-10-13 21:20 - 00000000 ____D C:\Users\Woltagen\OneDrive
2015-08-23 19:23 - 2014-03-14 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-23 19:23 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-23 19:22 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-23 16:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-23 16:48 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-23 02:13 - 2012-12-24 19:35 - 00000000 ___RD C:\Users\Woltagen\Desktop\Blbosti
2015-08-21 20:30 - 2013-01-08 18:40 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-21 17:33 - 2014-03-14 16:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-16 00:55 - 2013-05-26 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-15 00:22 - 2015-03-07 12:50 - 00000023 _____ C:\WINDOWS\BlendSettings.ini
2015-08-14 22:14 - 2015-07-23 16:24 - 00000000 ____D C:\Users\Woltagen\AppData\Local\MyComGames
2015-08-14 16:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 13:50 - 2013-08-22 16:44 - 00529728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 04:29 - 2015-04-15 22:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 04:29 - 2015-01-28 19:44 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 04:29 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 03:18 - 2012-12-24 19:19 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-13 21:16 - 2013-01-08 18:40 - 00001939 _____ C:\Users\Woltagen\Desktop\IMVU.lnk
2015-08-13 16:45 - 2013-08-25 11:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 16:43 - 2012-12-25 09:41 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 16:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 16:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 03:48 - 2013-02-20 19:46 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 03:18 - 2014-05-07 17:27 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-11 03:18 - 2013-12-19 21:59 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-11 03:18 - 2013-03-21 18:59 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-11 03:18 - 2013-03-21 18:59 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-11 03:18 - 2012-12-24 19:20 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-11 03:18 - 2012-12-24 19:19 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-09 14:16 - 2012-12-24 19:27 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 13:06 - 2014-03-14 16:35 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06 - 2014-03-14 16:35 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-07 13:06 - 2013-09-05 03:47 - 17124832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06 - 2013-09-05 03:47 - 14673920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 12513288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 03518248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 03106384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-07 13:06 - 2013-09-05 03:46 - 00033050 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-07 06:34 - 2014-03-14 16:35 - 06883448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 03492144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34 - 2014-03-14 16:35 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34 - 2014-03-14 16:35 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-04 01:28 - 2014-03-28 09:27 - 00000000 ____D C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57 - 2014-08-13 22:08 - 00000000 ____D C:\ProgramData\Glyph
2015-08-03 12:12 - 2014-03-14 16:35 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-01 18:07 - 2014-03-14 16:34 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-01 18:04 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 03:51 - 2014-03-14 16:37 - 00000000 ____D C:\Users\Woltagen
2015-07-27 13:58 - 2014-10-07 21:04 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58 - 2014-06-20 22:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-27 13:38 - 2014-12-06 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-07-27 13:38 - 2014-12-06 02:32 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-07-25 13:17 - 2015-04-04 15:30 - 00000000 ___SD C:\WINDOWS\system32\GWX
==================== Files in the root of some directories =======
2014-06-19 07:18 - 2014-06-19 07:18 - 0000024 _____ () C:\Users\Woltagen\AppData\Roaming\temp.ini
2015-08-24 14:54 - 2015-08-24 14:54 - 0029696 _____ () C:\Users\Woltagen\AppData\Local\MSGBOX.EXE
2015-06-14 19:16 - 2015-06-14 19:16 - 0002690 _____ () C:\Users\Woltagen\AppData\Local\recently-used.xbel
2015-03-06 22:40 - 2015-03-06 23:22 - 0000379 ____H () C:\ProgramData\1-0-0-0.txt
2012-11-16 23:55 - 2012-11-16 23:55 - 0000123 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-09-07 16:43 - 2014-09-07 16:43 - 0004131 _____ () C:\ProgramData\mtbjfghn.xbe
Some files in TEMP:
====================
C:\Users\Woltagen\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Woltagen\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Woltagen\AppData\Local\Temp\nvStInst.exe
C:\Users\Woltagen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-24 05:52
==================== End of log ============================
- Přílohy
-
- Addition.zip
- (13.11 KiB) Staženo 54 x
Re: Podezření
Logfile of random's system information tool 1.10 (written by random/random)
Run by Woltagen at 2015-08-24 14:51:00
Microsoft Windows 8.1
System drive C: has 38 GB (32%) free of 121 GB
Total RAM: 8150 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:01, on 24. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Woltagen.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: IMVU.lnk = Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .196.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: CyberLink Product - 2012/11/16 14:07:55 (CLKMSVC10_96E434EB) - CyberLink - C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
--
End of file - 11333 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {3ee725f5-1063-4fff-b3a4df091daadd84}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3a70c8b2-0f3d-4575-b0be-d5f31ef8e04d -SystemEventPortName:HostProcess-1e3e01cc-75be-4c07-a0a3-34299495fbf8 -IoCancelEventPortName:HostProcess-4f390e35-0b04-4b63-9a41-9200fe606ab8 -NonStateChangingEventPortName:HostProcess-d5ba9cf7-b646-4fb8-8f5d-08c65225bf13 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:330dcce2-4cd1-47e9-b0d4-a1b52bfde5b6 -DeviceGroupId:WpdFsGroup
taskeng.exe {3E33B1C7-12E2-4913-8D14-B622A21B09AE}
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhost.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 947bc72e-951e-4dd1-93cb-66347e087ec6
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build create -repair 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build registry "C:\ProgramData\AVAST Software\Avast\ng\registry\regs.ini"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8832.0.965672937\1159638717" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1185 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5560 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.2.1949440088\2060442426" --font-cache-shared-handle=2416 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.3.1982991985\358201521" --font-cache-shared-handle=2540 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.7.1112417177\2130694006" --font-cache-shared-handle=5332 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.8.1793351642\1260765203" --font-cache-shared-handle=6024 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8832.9.1170310042\795637614" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.10.373586404\629657494" --font-cache-shared-handle=4824 /prefetch:673131151
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Woltagen\Desktop\Údržba\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\
firmy.cz-164347.xml
google-avast.xml
Google.xml
seznam.cz-164347.xml
videa.seznam.cz-164347.xml
yandex.xml
zbozi.cz-164347.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-07-24 1710568]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
"GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-18 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-11 6109776]
""= []
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-08-03 5579624]
C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-23 19:28:31 ----D---- C:\ProgramData\Malwarebytes
2015-08-23 19:21:36 ----D---- C:\AdwCleaner
2015-08-23 16:48:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-23 16:48:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-21 18:19:06 ----D---- C:\FRST
2015-08-21 17:33:28 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-08-21 05:01:52 ----D---- C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01:23 ----D---- C:\Program Files (x86)\BitLord
2015-08-13 16:45:42 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45:42 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:03:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-12 22:02:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-12 22:02:35 ----A---- C:\WINDOWS\notepad.exe
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-11 03:18:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18:53 ----A---- C:\WINDOWS\avastSS.scr
2015-08-04 00:46:30 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12:32 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2015-08-01 02:38:42 ----D---- C:\ArcheAge
2015-07-26 12:41:21 ----A---- C:\WINDOWS\system32\drivers\ngvss.sys
======List of files/folders modified in the last 1 month======
2015-08-24 14:51:00 ----D---- C:\Program Files\trend micro
2015-08-24 14:50:02 ----RD---- C:\Program Files (x86)
2015-08-24 14:50:02 ----D---- C:\WINDOWS\system32\drivers
2015-08-24 14:49:20 ----D---- C:\WINDOWS\Prefetch
2015-08-24 14:46:06 ----D---- C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-24 14:45:18 ----SHD---- C:\System Volume Information
2015-08-24 14:44:39 ----D---- C:\WINDOWS\Temp
2015-08-24 14:44:38 ----D---- C:\WINDOWS\system32\sru
2015-08-24 05:52:16 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-24 05:52:10 ----D---- C:\WINDOWS\system32\config
2015-08-24 03:23:31 ----D---- C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-23 21:20:23 ----D---- C:\WINDOWS\system32\NDF
2015-08-23 19:29:42 ----RD---- C:\WINDOWS\System32
2015-08-23 19:29:42 ----D---- C:\WINDOWS\Inf
2015-08-23 19:29:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 19:28:31 ----HD---- C:\ProgramData
2015-08-23 19:25:20 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-23 19:23:20 ----D---- C:\WINDOWS\WinSxS
2015-08-23 19:23:16 ----D---- C:\ProgramData\NVIDIA
2015-08-23 19:22:50 ----D---- C:\WINDOWS\SysWOW64
2015-08-23 16:48:15 ----HD---- C:\Program Files\WindowsApps
2015-08-23 16:48:15 ----D---- C:\WINDOWS\CbsTemp
2015-08-23 16:48:15 ----D---- C:\WINDOWS\AppReadiness
2015-08-21 20:30:33 ----D---- C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-21 18:20:16 ----D---- C:\Windows
2015-08-21 17:33:49 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-21 17:33:26 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-21 05:01:31 ----SHD---- C:\WINDOWS\Installer
2015-08-15 00:22:17 ----A---- C:\WINDOWS\BlendSettings.ini
2015-08-14 16:20:54 ----D---- C:\WINDOWS\rescache
2015-08-14 16:13:26 ----RSD---- C:\WINDOWS\assembly
2015-08-14 04:29:39 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\appraiser
2015-08-14 04:29:39 ----D---- C:\WINDOWS\apppatch
2015-08-14 04:29:39 ----D---- C:\Program Files\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files\Internet Explorer
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 16:45:24 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 16:43:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-11 15:20:33 ----D---- C:\WINDOWS\debug
2015-08-11 15:10:02 ----D---- C:\WINDOWS\SoftwareDistribution
2015-08-11 03:21:38 ----D---- C:\WINDOWS\Logs
2015-08-11 03:18:56 ----D---- C:\WINDOWS\system32\Tasks
2015-08-11 03:18:48 ----D---- C:\WINDOWS\system32\catroot2
2015-08-09 14:16:14 ----D---- C:\ProgramData\Skype
2015-08-08 15:55:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-08-07 06:34:32 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-08-04 01:28:48 ----D---- C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57:32 ----D---- C:\ProgramData\Glyph
2015-08-01 18:07:18 ----DC---- C:\WINDOWS\Panther
2015-08-01 18:04:47 ----HD---- C:\$Windows.~BT
2015-07-27 13:58:33 ----D---- C:\Program Files (x86)\Common Files
2015-07-27 13:58:25 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58:22 ----D---- C:\Program Files (x86)\Java
2015-07-27 13:38:40 ----D---- C:\WINDOWS\SYSWOW64\vbox
2015-07-27 13:38:40 ----D---- C:\WINDOWS\system32\vbox
2015-07-25 13:17:26 ----SD---- C:\WINDOWS\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-08-11 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-08-11 274808]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2015-08-11 115152]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-08-11 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-08-11 447944]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-09-12 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-09-12 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-12 62776]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-08-11 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-08-11 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-08-11 150672]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2012-08-14 23832]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-26 273824]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 e1cexpress;@oem13.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-08-03 45680]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2012-07-17 26432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 KovaPlusFltr;@oem17.inf,%SvcDispName%;ROCCAT Kova[+] Mouse; C:\WINDOWS\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-07 11076216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;@oem77.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 RSUSBSTOR;@oem26.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-14 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
S3 androidusb;@oem46.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2015-01-19 21712]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-11 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-08-03 2545512]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-08-03 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-08-12 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-07 410744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-26 4047768]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-02-02 160256]
S2 CLKMSVC10_96E434EB;CyberLink Product - 2012/11/16 14:07:55; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [2012-07-25 243728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-24 148080]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
-----------------EOF-----------------
Run by Woltagen at 2015-08-24 14:51:00
Microsoft Windows 8.1
System drive C: has 38 GB (32%) free of 121 GB
Total RAM: 8150 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:01, on 24. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Woltagen.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: IMVU.lnk = Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .196.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: CyberLink Product - 2012/11/16 14:07:55 (CLKMSVC10_96E434EB) - CyberLink - C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
--
End of file - 11333 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {3ee725f5-1063-4fff-b3a4df091daadd84}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3a70c8b2-0f3d-4575-b0be-d5f31ef8e04d -SystemEventPortName:HostProcess-1e3e01cc-75be-4c07-a0a3-34299495fbf8 -IoCancelEventPortName:HostProcess-4f390e35-0b04-4b63-9a41-9200fe606ab8 -NonStateChangingEventPortName:HostProcess-d5ba9cf7-b646-4fb8-8f5d-08c65225bf13 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:330dcce2-4cd1-47e9-b0d4-a1b52bfde5b6 -DeviceGroupId:WpdFsGroup
taskeng.exe {3E33B1C7-12E2-4913-8D14-B622A21B09AE}
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhost.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 947bc72e-951e-4dd1-93cb-66347e087ec6
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build create -repair 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build registry "C:\ProgramData\AVAST Software\Avast\ng\registry\regs.ini"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8832.0.965672937\1159638717" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1185 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5560 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.2.1949440088\2060442426" --font-cache-shared-handle=2416 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.3.1982991985\358201521" --font-cache-shared-handle=2540 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.7.1112417177\2130694006" --font-cache-shared-handle=5332 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.8.1793351642\1260765203" --font-cache-shared-handle=6024 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8832.9.1170310042\795637614" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_08/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="8832.10.373586404\629657494" --font-cache-shared-handle=4824 /prefetch:673131151
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Woltagen\Desktop\Údržba\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Woltagen\AppData\Roaming\raidcall\plugins\nprcplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\
firmy.cz-164347.xml
google-avast.xml
Google.xml
seznam.cz-164347.xml
videa.seznam.cz-164347.xml
yandex.xml
zbozi.cz-164347.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-27 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-27 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-07-24 1710568]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
"GoogleChromeAutoLaunch_D5BA2FB9C5B6DE37DD0909B2A44BCA7B"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-18 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-11 6109776]
""= []
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-08-03 5579624]
C:\Users\Woltagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Woltagen\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-23 19:28:31 ----D---- C:\ProgramData\Malwarebytes
2015-08-23 19:21:36 ----D---- C:\AdwCleaner
2015-08-23 16:48:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-23 16:48:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-21 18:19:06 ----D---- C:\FRST
2015-08-21 17:33:28 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvinitx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-08-21 17:31:52 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-08-21 05:01:52 ----D---- C:\Users\Woltagen\AppData\Roaming\BitLord
2015-08-21 05:01:23 ----D---- C:\Program Files (x86)\BitLord
2015-08-13 16:45:42 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:45:42 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-12 22:04:10 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-12 22:04:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-12 22:03:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-12 22:03:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-12 22:03:21 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 22:03:20 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-12 22:03:19 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-12 22:03:18 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 22:02:53 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-12 22:02:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-12 22:02:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-12 22:02:50 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 22:02:36 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 22:02:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-12 22:02:35 ----A---- C:\WINDOWS\notepad.exe
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-12 22:02:34 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 22:02:33 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-12 22:02:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-12 22:02:31 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-12 22:02:26 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-11 03:18:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-08-11 03:18:53 ----A---- C:\WINDOWS\avastSS.scr
2015-08-04 00:46:30 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12:32 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-02 00:47:51 ----A---- C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-08-02 00:04:16 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2015-08-01 02:38:42 ----D---- C:\ArcheAge
2015-07-26 12:41:21 ----A---- C:\WINDOWS\system32\drivers\ngvss.sys
======List of files/folders modified in the last 1 month======
2015-08-24 14:51:00 ----D---- C:\Program Files\trend micro
2015-08-24 14:50:02 ----RD---- C:\Program Files (x86)
2015-08-24 14:50:02 ----D---- C:\WINDOWS\system32\drivers
2015-08-24 14:49:20 ----D---- C:\WINDOWS\Prefetch
2015-08-24 14:46:06 ----D---- C:\Users\Woltagen\AppData\Roaming\Skype
2015-08-24 14:45:18 ----SHD---- C:\System Volume Information
2015-08-24 14:44:39 ----D---- C:\WINDOWS\Temp
2015-08-24 14:44:38 ----D---- C:\WINDOWS\system32\sru
2015-08-24 05:52:16 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-24 05:52:10 ----D---- C:\WINDOWS\system32\config
2015-08-24 03:23:31 ----D---- C:\Users\Woltagen\AppData\Roaming\vlc
2015-08-23 21:20:23 ----D---- C:\WINDOWS\system32\NDF
2015-08-23 19:29:42 ----RD---- C:\WINDOWS\System32
2015-08-23 19:29:42 ----D---- C:\WINDOWS\Inf
2015-08-23 19:29:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 19:28:31 ----HD---- C:\ProgramData
2015-08-23 19:25:20 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-23 19:23:20 ----D---- C:\WINDOWS\WinSxS
2015-08-23 19:23:16 ----D---- C:\ProgramData\NVIDIA
2015-08-23 19:22:50 ----D---- C:\WINDOWS\SysWOW64
2015-08-23 16:48:15 ----HD---- C:\Program Files\WindowsApps
2015-08-23 16:48:15 ----D---- C:\WINDOWS\CbsTemp
2015-08-23 16:48:15 ----D---- C:\WINDOWS\AppReadiness
2015-08-21 20:30:33 ----D---- C:\Users\Woltagen\AppData\Roaming\IMVU
2015-08-21 18:20:16 ----D---- C:\Windows
2015-08-21 17:33:49 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-21 17:33:26 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-21 05:01:31 ----SHD---- C:\WINDOWS\Installer
2015-08-15 00:22:17 ----A---- C:\WINDOWS\BlendSettings.ini
2015-08-14 16:20:54 ----D---- C:\WINDOWS\rescache
2015-08-14 16:13:26 ----RSD---- C:\WINDOWS\assembly
2015-08-14 04:29:39 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-14 04:29:39 ----D---- C:\WINDOWS\system32\appraiser
2015-08-14 04:29:39 ----D---- C:\WINDOWS\apppatch
2015-08-14 04:29:39 ----D---- C:\Program Files\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files\Internet Explorer
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-14 04:29:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 16:45:24 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 16:43:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-11 15:20:33 ----D---- C:\WINDOWS\debug
2015-08-11 15:10:02 ----D---- C:\WINDOWS\SoftwareDistribution
2015-08-11 03:21:38 ----D---- C:\WINDOWS\Logs
2015-08-11 03:18:56 ----D---- C:\WINDOWS\system32\Tasks
2015-08-11 03:18:48 ----D---- C:\WINDOWS\system32\catroot2
2015-08-09 14:16:14 ----D---- C:\ProgramData\Skype
2015-08-08 15:55:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-07 13:06:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 06:34:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-08-07 06:34:32 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 06:34:31 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-08-04 01:28:48 ----D---- C:\Users\Woltagen\AppData\Roaming\.minecraft
2015-08-04 00:57:32 ----D---- C:\ProgramData\Glyph
2015-08-01 18:07:18 ----DC---- C:\WINDOWS\Panther
2015-08-01 18:04:47 ----HD---- C:\$Windows.~BT
2015-07-27 13:58:33 ----D---- C:\Program Files (x86)\Common Files
2015-07-27 13:58:25 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-27 13:58:22 ----D---- C:\Program Files (x86)\Java
2015-07-27 13:38:40 ----D---- C:\WINDOWS\SYSWOW64\vbox
2015-07-27 13:38:40 ----D---- C:\WINDOWS\system32\vbox
2015-07-25 13:17:26 ----SD---- C:\WINDOWS\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-08-11 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-08-11 274808]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2015-08-11 115152]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-08-11 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-08-11 447944]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-09-12 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-09-12 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-12 62776]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-08-11 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-08-11 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-08-11 150672]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2012-08-14 23832]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-26 273824]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 e1cexpress;@oem13.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-08-03 45680]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2012-07-17 26432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 KovaPlusFltr;@oem17.inf,%SvcDispName%;ROCCAT Kova[+] Mouse; C:\WINDOWS\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-07 11076216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;@oem77.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 RSUSBSTOR;@oem26.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-14 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
S3 androidusb;@oem46.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2015-01-19 21712]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-11 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-08-03 2545512]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-08-03 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-08-12 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-07 410744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-26 4047768]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-02-02 160256]
S2 CLKMSVC10_96E434EB;CyberLink Product - 2012/11/16 14:07:55; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [2012-07-25 243728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-24 148080]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
-----------------EOF-----------------
Re: Podezření
V pohode, to jsou male veciWoltagen píše:Jej, koukám že to kazím vším co se dá, omlouvám se
Napiste mi velikost adresare plochy (C:\Users\Woltagen\Plocha) Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {091AA93D-3D47-4370-BAA1-198E599D56A1} URL =
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=A5DE903E-DCB9-42C2-AA4B-9082DBBF905B&apn_sauid=B7D3B136-4961-4797-98CA-21F2535E48E6
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml [2014-09-12]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
2015-08-23 19:28 - 2015-08-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:27 - 2015-08-23 19:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Podezření
Velikost adresáře plochy je 2,86GB.
Fix result of Farbar Recovery Scan Tool (x64) Version:21-08-2015
Ran by Woltagen (2015-08-24 17:11:37) Run:1
Running from C:\Users\Woltagen\Desktop
Loaded Profiles: Woltagen (Available Profiles: Woltagen)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {091AA93D-3D47-4370-BAA1-198E599D56A1} URL =
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=A5DE903E-DCB9-42C2-AA4B-9082DBBF905B&apn_sauid=B7D3B136-4961-4797-98CA-21F2535E48E6
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml [2014-09-12]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
2015-08-23 19:28 - 2015-08-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:27 - 2015-08-23 19:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully
HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{091AA93D-3D47-4370-BAA1-198E599D56A1}" => key removed successfully
HKCR\CLSID\{091AA93D-3D47-4370-BAA1-198E599D56A1} => key not found.
"HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F}" => key removed successfully
HKCR\CLSID\{3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} => key not found.
"HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}" => key removed successfully
HKCR\Wow6432Node\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value removed successfully
HKCR\Wow6432Node\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value removed successfully
HKCR\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml => moved successfully
C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => service removed successfully
NAUpdate => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
AdobeFlashPlayerUpdateSvc => service removed successfully
gupdatem => service removed successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.2 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 17:11:52 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:21-08-2015
Ran by Woltagen (2015-08-24 17:11:37) Run:1
Running from C:\Users\Woltagen\Desktop
Loaded Profiles: Woltagen (Available Profiles: Woltagen)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-91284999-528624967-1822222337-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {091AA93D-3D47-4370-BAA1-198E599D56A1} URL =
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=A5DE903E-DCB9-42C2-AA4B-9082DBBF905B&apn_sauid=B7D3B136-4961-4797-98CA-21F2535E48E6
SearchScopes: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-91284999-528624967-1822222337-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF SearchPlugin: C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml [2014-09-12]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
2015-08-23 19:28 - 2015-08-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:27 - 2015-08-23 19:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully
HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{091AA93D-3D47-4370-BAA1-198E599D56A1}" => key removed successfully
HKCR\CLSID\{091AA93D-3D47-4370-BAA1-198E599D56A1} => key not found.
"HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F}" => key removed successfully
HKCR\CLSID\{3AE9EEE3-AE1B-4BFC-9E21-34EF52FEBA5F} => key not found.
"HKU\S-1-5-21-91284999-528624967-1822222337-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}" => key removed successfully
HKCR\Wow6432Node\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value removed successfully
HKCR\Wow6432Node\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKU\S-1-5-21-91284999-528624967-1822222337-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value removed successfully
HKCR\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
C:\Users\Woltagen\AppData\Roaming\Mozilla\Firefox\Profiles\122gs1mx.default\searchplugins\yandex.xml => moved successfully
C:\Users\Woltagen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => service removed successfully
NAUpdate => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
AdobeFlashPlayerUpdateSvc => service removed successfully
gupdatem => service removed successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Woltagen\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.2 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 17:11:52 ====
Re: Podezření
Update: Složku co jsem měl na ploše jsem přesunul na Dčko a udělal jsem si na plochu zástupce - současná velikost adresáře plochy 11,7MB
Re: Podezření
Woltagen píše:Update: Složku co jsem měl na ploše jsem přesunul na Dčko a udělal jsem si na plochu zástupce - současná velikost adresáře plochy 11,7MB
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Podezření
C defragmentováno, D bude ještě pár hodin trvat ale už teď to šlape o dost lépe 
mělo by tedy teď být bezpečné změnit si steam heslo, aniž by na něj znovu přišli? Děkuju moc
ale už teď to šlape o dost lépe mělo by tedy teď být bezpečné změnit si steam heslo, aniž by na něj znovu přišli? Děkuju moc Re: Podezření
Logy nic zvlastniho neukazuji, takze by to melo byt teoreticky bezpecne. Prakticky se ukazeWoltagen píše:mělo by tedy teď být bezpečné změnit si steam heslo, aniž by na něj znovu přišli?
13.9.
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?