Zdravím, nemůžu se zbavit pokki, ale asi tam toho bude vic..., děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by JJ at 2016-01-03 17:54:19
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:31, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Users\JJ\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\JJ\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #5] C:\Users\JJ\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\JJ\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12295 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {1BEDDEC9-21F7-4A22-A202-D2A6F7ED0A62}
taskeng.exe {DE909768-B8B3-4030-A809-416BC3FB9145}
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Users\JJ\AppData\Local\Pokki\Engine\pokki.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Users\JJ\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/OneClickSignIn/BlueOnWhite/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderMulti/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="1368.1.1164002336\1650015988" /prefetch:3
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\conime.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 660 664 672 65536 668
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2009-09-08 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-08 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #5"=C:\Users\JJ\AppData\Local\Pokki\Engine\pokki.exe [2013-11-01 8252744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 17:01:33 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2016-01-03 15:48:20 ----D---- C:\Users\JJ\AppData\Roaming\Solvusoft
2016-01-03 15:48:17 ----A---- C:\Windows\system32\roboot64.exe
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 17:54:22 ----D---- C:\Windows\Temp
2016-01-03 17:50:06 ----D---- C:\Program Files (x86)\Spyware Terminator
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:39 ----RD---- C:\Program Files (x86)
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:28:27 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 17:28:17 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:55:40 ----D---- C:\Windows
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:22:36 ----D---- C:\Windows\Tasks
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:17:27 ----D---- C:\Windows\System32
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 14:44:56 ----D---- C:\Windows\system32\catroot2
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Díky, tady je výpis :
# AdwCleaner v5.027 - Logfile created 03/01/2016 at 20:46:30
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Username : JJ - JJ-PC
# Running from : C:\Users\JJ\Desktop\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[#] Folder Deleted : C:\Users\JJ\AppData\Local\pokki
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\Solvusoft
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\RHEng
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\BitLord
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pokki
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\Mozilla\Firefox\Profiles\dnsrcto8.default\Extensions\searchads@instair.net
***** [ Files ] *****
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkcefkcdkepgkpbgncjchhbjgoanleod
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\glmfgahfleepmdfffonfckpmkondpdkg
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
[-] File Deleted : C:\Windows\SysNative\roboot64.exe
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : dsmonitor
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Pokki
[-] Key Deleted : HKU\.DEFAULT\Software\CToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Search Settings
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8E04F35E-EFD5-4F8C-B424-879E32BFBDF7}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
***** [ Web browsers ] *****
[-] [C:\Users\JJ\AppData\Roaming\Mozilla\Firefox\Profiles\dnsrcto8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=685749");
[-] [C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yahoo.com
[-] [C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : krbovedrivi.eu
[-] [C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : jezkovyvoci.eu
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4672 bytes] ##########
# AdwCleaner v5.027 - Logfile created 03/01/2016 at 20:46:30
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Username : JJ - JJ-PC
# Running from : C:\Users\JJ\Desktop\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[#] Folder Deleted : C:\Users\JJ\AppData\Local\pokki
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\Solvusoft
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\RHEng
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\BitLord
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pokki
[#] Folder Deleted : C:\Users\JJ\AppData\Roaming\Mozilla\Firefox\Profiles\dnsrcto8.default\Extensions\searchads@instair.net
***** [ Files ] *****
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkcefkcdkepgkpbgncjchhbjgoanleod
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\glmfgahfleepmdfffonfckpmkondpdkg
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
[-] File Deleted : C:\Windows\SysNative\roboot64.exe
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : dsmonitor
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Pokki
[-] Key Deleted : HKU\.DEFAULT\Software\CToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Search Settings
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8E04F35E-EFD5-4F8C-B424-879E32BFBDF7}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
***** [ Web browsers ] *****
[-] [C:\Users\JJ\AppData\Roaming\Mozilla\Firefox\Profiles\dnsrcto8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=685749");
[-] [C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yahoo.com
[-] [C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : krbovedrivi.eu
[-] [C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : jezkovyvoci.eu
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4672 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by JJ at 2016-01-03 21:31:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:08, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11351 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
taskeng.exe {8E29E62E-DB8B-4B2D-8642-FD2AD2DD2B7C}
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
taskeng.exe {DDB8A1BC-702C-429D-96CF-1C6A6E70BF10}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\conime.exe
splwow64
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 660 664 672 65536 668
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2009-09-08 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-08 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 17:01:33 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 21:32:02 ----D---- C:\Windows\Temp
2016-01-03 21:10:39 ----D---- C:\Windows
2016-01-03 21:03:01 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 20:56:20 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 20:49:32 ----RD---- C:\Program Files (x86)
2016-01-03 20:46:50 ----D---- C:\Windows\System32
2016-01-03 20:46:31 ----D---- C:\AdwCleaner
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:22:36 ----D---- C:\Windows\Tasks
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 14:44:56 ----D---- C:\Windows\system32\catroot2
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by JJ at 2016-01-03 21:31:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:08, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11351 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
taskeng.exe {8E29E62E-DB8B-4B2D-8642-FD2AD2DD2B7C}
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
taskeng.exe {DDB8A1BC-702C-429D-96CF-1C6A6E70BF10}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\conime.exe
splwow64
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 660 664 672 65536 668
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2009-09-08 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-08 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 17:01:33 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 21:32:02 ----D---- C:\Windows\Temp
2016-01-03 21:10:39 ----D---- C:\Windows
2016-01-03 21:03:01 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 20:56:20 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 20:49:32 ----RD---- C:\Program Files (x86)
2016-01-03 20:46:50 ----D---- C:\Windows\System32
2016-01-03 20:46:31 ----D---- C:\AdwCleaner
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:22:36 ----D---- C:\Windows\Tasks
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 14:44:56 ----D---- C:\Windows\system32\catroot2
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\Google\GoogleToolbarNotifier
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
:services
Skype C2C Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by JJ at 2016-01-03 22:10:58
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:13, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11433 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\msiexec /V
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
taskeng.exe {E9F1B4E7-717F-470A-9446-6FB65E0B3B08}
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {711D1F16-D315-42A3-8582-F1B09934224B}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {312CD26D-CCB6-478C-BA5B-4520A5858F44}
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
KHALMNPR.EXE /API
splwow64
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Windows\system32\SearchFilterHost.exe" 0 660 664 672 65536 668
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 21:49:50 ----D---- C:\_OTM
2016-01-03 17:01:33 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 22:10:55 ----D---- C:\Windows\Temp
2016-01-03 22:10:24 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 22:10:04 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 21:53:49 ----D---- C:\Windows\system32\catroot2
2016-01-03 21:51:29 ----D---- C:\Windows
2016-01-03 21:49:53 ----RD---- C:\Program Files (x86)\Skype
2016-01-03 21:49:53 ----D---- C:\Windows\Tasks
2016-01-03 21:49:53 ----D---- C:\Program Files (x86)\Google
2016-01-03 21:35:45 ----D---- C:\Windows\system32\drivers\etc
2016-01-03 21:34:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-01-03 20:49:32 ----RD---- C:\Program Files (x86)
2016-01-03 20:46:50 ----D---- C:\Windows\System32
2016-01-03 20:46:31 ----D---- C:\AdwCleaner
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by JJ at 2016-01-03 22:10:58
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:13, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11433 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\msiexec /V
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
taskeng.exe {E9F1B4E7-717F-470A-9446-6FB65E0B3B08}
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {711D1F16-D315-42A3-8582-F1B09934224B}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {312CD26D-CCB6-478C-BA5B-4520A5858F44}
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
KHALMNPR.EXE /API
splwow64
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Windows\system32\SearchFilterHost.exe" 0 660 664 672 65536 668
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 21:49:50 ----D---- C:\_OTM
2016-01-03 17:01:33 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 22:10:55 ----D---- C:\Windows\Temp
2016-01-03 22:10:24 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 22:10:04 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 21:53:49 ----D---- C:\Windows\system32\catroot2
2016-01-03 21:51:29 ----D---- C:\Windows
2016-01-03 21:49:53 ----RD---- C:\Program Files (x86)\Skype
2016-01-03 21:49:53 ----D---- C:\Windows\Tasks
2016-01-03 21:49:53 ----D---- C:\Program Files (x86)\Google
2016-01-03 21:35:45 ----D---- C:\Windows\system32\drivers\etc
2016-01-03 21:34:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-01-03 20:49:32 ----RD---- C:\Program Files (x86)
2016-01-03 20:46:50 ----D---- C:\Windows\System32
2016-01-03 20:46:31 ----D---- C:\AdwCleaner
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dvouklikem na soubor C:\Program Files\trend micro\JJ.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (file missing)
O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Ještě mi i po opakovaném spuštění C Cleaneru zůstavají tyto problémy :
Problém ActiveX/COM InProcServer32\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxC.dll HKCR\CLSID\{262E45B9-36DA-43ac-ABF4-C546A7EA3BFC}
Problém ActiveX/COM InProcServer32\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxC.dll HKCR\CLSID\{A4AB08B7-35EE-4f75-BE0A-D8F9630D755E}
Problém ActiveX/COM LocalServer32\C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe HKCR\CLSID\{F319F1B8-7587-4146-AF9C-0D6D77819BF1}
Problém ActiveX/COM InProcServer32\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxC.dll HKCR\CLSID\{262E45B9-36DA-43ac-ABF4-C546A7EA3BFC}
Problém ActiveX/COM InProcServer32\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxC.dll HKCR\CLSID\{A4AB08B7-35EE-4f75-BE0A-D8F9630D755E}
Problém ActiveX/COM LocalServer32\C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe HKCR\CLSID\{F319F1B8-7587-4146-AF9C-0D6D77819BF1}
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by JJ at 2016-01-03 22:56:05
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:56:18, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11647 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {0F729CD1-0702-4B2B-8734-C6AAD50063AC}
taskeng.exe {644CB19F-A9FB-4EB8-A691-41B934B8F104}
C:\Windows\Explorer.EXE
taskeng.exe {928CAF54-8365-439E-8A36-1BDEDCF4E519}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
KHALMNPR.EXE /API
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="4632.0.390521794\1332663774" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.1.1022601318\2139419961" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.2.630631347\981218014" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.3.1420282975\266541318" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.4.1132192222\1817853621" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.5.1347304116\1702313278" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.6.1964618127\1709758476" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.7.1127251477\440804112" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.8.641590416\229368374" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.9.427446937\1210467684" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.10.830601643\359634512" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.11.1316962082\1835823584" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4632.14.216741828\707507018" --disable-d3d11 --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\JJ\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=2,8,12,23,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x05e6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3182 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\conime.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 22:56:05 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 22:56:03 ----D---- C:\Windows\Temp
2016-01-03 22:50:34 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 22:50:23 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 22:43:47 ----D---- C:\Windows
2016-01-03 21:53:49 ----D---- C:\Windows\system32\catroot2
2016-01-03 21:49:53 ----RD---- C:\Program Files (x86)\Skype
2016-01-03 21:49:53 ----D---- C:\Windows\Tasks
2016-01-03 21:49:53 ----D---- C:\Program Files (x86)\Google
2016-01-03 21:35:45 ----D---- C:\Windows\system32\drivers\etc
2016-01-03 21:34:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-01-03 20:49:32 ----RD---- C:\Program Files (x86)
2016-01-03 20:46:50 ----D---- C:\Windows\System32
2016-01-03 20:46:31 ----D---- C:\AdwCleaner
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by JJ at 2016-01-03 22:56:05
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (23%) free of 954 GB
Total RAM: 4094 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:56:18, on 3.1.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\trend micro\JJ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [3035341367C366A3418FB789888D29044552D9E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.7.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate1ca309b241db44e) (gupdate1ca309b241db44e) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11647 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {0F729CD1-0702-4B2B-8734-C6AAD50063AC}
taskeng.exe {644CB19F-A9FB-4EB8-A691-41B934B8F104}
C:\Windows\Explorer.EXE
taskeng.exe {928CAF54-8365-439E-8A36-1BDEDCF4E519}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" P0620Pin.dll,RunDLL32EP 513
"C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
KHALMNPR.EXE /API
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="4632.0.390521794\1332663774" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.1.1022601318\2139419961" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.2.630631347\981218014" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.3.1420282975\266541318" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.4.1132192222\1817853621" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.5.1347304116\1702313278" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.6.1964618127\1709758476" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.7.1127251477\440804112" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.8.641590416\229368374" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.9.427446937\1210467684" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.10.830601643\359634512" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4632.11.1316962082\1835823584" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4632.14.216741828\707507018" --disable-d3d11 --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\JJ\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=2,8,12,23,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x05e6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3182 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\conime.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\JJ\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000Core.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1879552054-1755973776-1894730951-1000UA.job - C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Google Software Updater.job - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-08-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-30 13662936]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"PD0620 STISvc"=P0620Pin.dll,RunDLL32EP 513 []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 415752]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 4195848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\JJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-26 3093624]
"3035341367C366A3418FB789888D29044552D9E4._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"GoogleChromeAutoLaunch_B0BD76C7D5176A646DE934CC78DFB103"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-12-11 741704]
"Dropbox Update"=C:\Users\JJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48138880]
"Spotify Web Helper"=C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM for Windows]
C:\Users\JJ\AppData\Local\AOL\AIM\aim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-26 1861640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\JJ\AppData\Roaming\Spotify\Spotify.exe [2015-08-11 7574584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\JJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-11 2017848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-09 6133520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-02-17 3391200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\JJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-03 22:56:05 ----D---- C:\rsit
2016-01-03 17:01:33 ----D---- C:\Program Files\trend micro
2015-12-25 12:32:07 ----D---- C:\Program Files (x86)\OBD-DIAG
2015-12-15 17:13:37 ----D---- C:\Users\JJ\AppData\Roaming\Albion
2015-12-15 17:10:41 ----D---- C:\Users\JJ\AppData\Roaming\AlbionOnline
2015-12-15 17:04:30 ----D---- C:\ProgramData\Package Cache
2015-12-15 16:56:23 ----D---- C:\Program Files (x86)\AlbionOnline
2015-12-13 17:01:17 ----A---- C:\Windows\system32\jscript9.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-13 17:01:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-13 17:01:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-13 17:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-13 17:01:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-13 17:01:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\wininet.dll
2015-12-13 17:01:01 ----A---- C:\Windows\system32\vbscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\jscript.dll
2015-12-13 17:00:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-13 17:00:54 ----A---- C:\Windows\system32\ieui.dll
2015-12-13 17:00:53 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-13 17:00:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-12-13 17:00:51 ----A---- C:\Windows\system32\mshtml.dll
2015-12-13 17:00:50 ----A---- C:\Windows\SYSWOW64\url.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\urlmon.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\mshta.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-13 17:00:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-13 17:00:50 ----A---- C:\Windows\system32\iertutil.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-12-13 17:00:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-13 17:00:48 ----A---- C:\Windows\system32\url.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-13 17:00:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-13 17:00:47 ----A---- C:\Windows\system32\ieframe.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-13 17:00:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-13 17:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-12-13 17:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-09 16:47:48 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 16:47:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 16:46:47 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 16:46:47 ----A---- C:\Windows\system32\els.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d3d10.dll
2015-12-09 16:46:11 ----A---- C:\Windows\system32\d2d1.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 16:46:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 16:46:10 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 16:46:10 ----A---- C:\Windows\system32\user32.dll
2015-12-09 16:31:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 16:31:37 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 16:31:19 ----A---- C:\Windows\system32\catsrvut.dll
======List of files/folders modified in the last 1 month======
2016-01-03 22:56:03 ----D---- C:\Windows\Temp
2016-01-03 22:50:34 ----D---- C:\Users\JJ\AppData\Roaming\Dropbox
2016-01-03 22:50:23 ----D---- C:\Users\JJ\AppData\Roaming\Skype
2016-01-03 22:43:47 ----D---- C:\Windows
2016-01-03 21:53:49 ----D---- C:\Windows\system32\catroot2
2016-01-03 21:49:53 ----RD---- C:\Program Files (x86)\Skype
2016-01-03 21:49:53 ----D---- C:\Windows\Tasks
2016-01-03 21:49:53 ----D---- C:\Program Files (x86)\Google
2016-01-03 21:35:45 ----D---- C:\Windows\system32\drivers\etc
2016-01-03 21:34:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-01-03 20:49:32 ----RD---- C:\Program Files (x86)
2016-01-03 20:46:50 ----D---- C:\Windows\System32
2016-01-03 20:46:31 ----D---- C:\AdwCleaner
2016-01-03 17:50:00 ----HD---- C:\ProgramData
2016-01-03 17:49:59 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-03 17:48:55 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\TeamViewer
2016-01-03 17:47:23 ----D---- C:\Users\JJ\AppData\Roaming\MPC-HC
2016-01-03 17:34:50 ----D---- C:\Users\JJ\AppData\Roaming\Seznam Browser
2016-01-03 17:32:54 ----D---- C:\Windows\Prefetch
2016-01-03 17:11:10 ----D---- C:\Windows\system32\catroot
2016-01-03 17:01:33 ----D---- C:\Program Files
2016-01-03 16:58:49 ----SHD---- C:\System Volume Information
2016-01-03 16:55:55 ----D---- C:\Users\JJ\AppData\Roaming\TS3Client
2016-01-03 16:55:40 ----D---- C:\Windows\Minidump
2016-01-03 16:55:40 ----D---- C:\Windows\inf
2016-01-03 16:55:40 ----D---- C:\Windows\Debug
2016-01-03 16:45:37 ----SHD---- C:\Windows\Installer
2016-01-03 16:45:36 ----SHD---- C:\Config.Msi
2016-01-03 16:45:26 ----D---- C:\Program Files (x86)\Garmin
2016-01-03 16:44:51 ----D---- C:\Garmin
2016-01-03 16:27:04 ----D---- C:\Windows\system32\config
2016-01-03 16:17:40 ----D---- C:\Windows\system32\Tasks
2016-01-03 16:00:37 ----D---- C:\Windows\system32\drivers
2016-01-01 13:51:28 ----D---- C:\Users\JJ\AppData\Roaming\GeoGet
2015-12-29 18:58:09 ----D---- C:\Program Files (x86)\GeoGet
2015-12-28 21:42:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-27 18:23:59 ----D---- C:\Users\JJ\AppData\Roaming\vlc
2015-12-25 12:33:36 ----D---- C:\Windows\SysWOW64
2015-12-25 12:32:08 ----RSD---- C:\Windows\Fonts
2015-12-25 10:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:41:19 ----D---- C:\Program Files (x86)\Diablo III
2015-12-24 14:40:48 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-12-21 18:02:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-21 13:16:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-20 10:03:05 ----D---- C:\Windows\Microsoft.NET
2015-12-20 09:03:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-16 17:07:36 ----D---- C:\Users\JJ\AppData\Roaming\Mozilla
2015-12-14 15:26:57 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-12-14 15:26:57 ----D---- C:\ProgramData\Apple Computer
2015-12-14 15:24:13 ----D---- C:\Program Files\Common Files
2015-12-14 15:19:44 ----D---- C:\Program Files (x86)\Common Files
2015-12-14 15:10:39 ----D---- C:\ProgramData\Apple
2015-12-14 12:20:20 ----D---- C:\Windows\rescache
2015-12-14 11:51:43 ----D---- C:\Windows\SYSWOW64\migration
2015-12-14 11:51:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-14 11:51:42 ----D---- C:\Windows\system32\migration
2015-12-14 11:51:37 ----D---- C:\Program Files\Internet Explorer
2015-12-13 21:32:56 ----D---- C:\Windows\winsxs
2015-12-10 11:16:12 ----RSD---- C:\Windows\assembly
2015-12-10 10:29:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 10:29:07 ----D---- C:\Windows\ehome
2015-12-09 16:47:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:46:08 ----D---- C:\Windows\system32\MRT
2015-12-09 16:33:07 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-06 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-06 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-25 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-10-06 64712]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-09 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-09 449992]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-06 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-06 90968]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-10-06 206816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3707864]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-30 12613408]
R3 P0620VID;Creative WebCam Instant; C:\Windows\system32\DRIVERS\P0620Vid.sys [2005-08-15 126848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2013-12-29 628368]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 Alpham1;Ideazon ZBoard USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham164.sys [2007-07-23 52992]
S3 Alpham2;Ideazon ZBoard MM USB Human Interface Device; C:\Windows\system32\DRIVERS\Alpham264.sys [2007-03-20 21760]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-10-06 65224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-25 23080]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-11 24064]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-06 146600]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-16 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 gupdate1ca309b241db44e;Služba Google Update (gupdate1ca309b241db44e); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-05 194104]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11 267440]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 1009864]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Některé věci CC neodstraní (jsou "drženy" systémem). To by nemělo mít podstatný vliv. Původně jste chtěl odstranit Pokki. Je pryč?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Ano, pokki je pryč, jen jsem myslel jestli to není nějaký zádrhel. Děkuji a přeji vše Nej do Nového roku.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Jen to zabírá místo, není ale funkční. PF2016 a nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?