Firefox mi hází web "vyhráli jste iPhone"

Zpráva

zooh · #1 Příspěvek od **zooh** » 30 led 2016 09:50

Dobrý den, mám problém s Firefoxem, po otevření mi místo domovské stránky hodí hlášku VYHRÁLI JSTE IPHONE a tuto adresu: http://w.product.justtakeit.xyz/CZ/ipho ... z5n2kqb5uu

Zkusila jsem ADWCleaner ale nepomohl.

Log RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zora at 2016-01-30 09:48:47
Microsoft Windows 10 Home
System drive C: has 541 GB (58%) free of 936 GB
Total RAM: 7114 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:48:55, on 30.01.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe
C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\trend micro\Zora.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6E6C2A194A898AB3493229E83B1D1BE2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [AcerPortal] "C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" startup
O4 - HKCU\..\Run: [RemoteFilesTrayIcon] "C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe" --hideUI
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11467 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Zora\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-3526991197-1805786046-1037397184-1001 -c 508 -s 482 -g "C:\ProgramData\acer\CCD"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskeng.exe {D1217EAC-8228-4F0A-88FF-15B9BD473543}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" startup
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
"C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe" --hideUI
"C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Acer\Acer Quick Access\RMSvc.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe" task
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6605.23751.0_x64__8wekyb3d8bbwe\HubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppXczch7hf9576qpxqh411t8e5g6baj2p43.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
wmiadap.exe /F /T /R

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3526991197-1805786046-1037397184-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3526991197-1805786046-1037397184-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 628 632 640 8192 636
"C:\Users\Zora\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Zora\AppData\Roaming\Mozilla\Firefox\Profiles\jxzsrlfy.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll

C:\Users\Zora\AppData\Roaming\Mozilla\Firefox\Profiles\jxzsrlfy.default\searchplugins\
McSiteAdvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-19 230080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-18 2093360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-08 664184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_6E6C2A194A898AB3493229E83B1D1BE2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-01-27 748872]
"Spotify Web Helper"=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [2015-03-18 1168896]
"AcerPortal"=C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19 2732760]
"RemoteFilesTrayIcon"=C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe [2015-11-10 2289880]
"OneDrive"=C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-15 551112]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-12-10 3013200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-21 767176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-08 7021880]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-28 10:48:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 10:48:20 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 10:48:18 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-01-28 10:48:16 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-01-28 10:48:15 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-01-28 10:48:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-28 10:48:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-01-28 10:48:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 10:48:05 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-01-28 10:48:04 ----A---- C:\WINDOWS\system32\twinui.dll
2016-01-28 10:48:03 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-28 10:48:02 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-01-28 10:48:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-01-28 10:47:59 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-01-28 10:47:58 ----A---- C:\WINDOWS\system32\shell32.dll
2016-01-28 10:47:56 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-01-28 10:47:56 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-01-28 10:47:55 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-01-28 10:47:55 ----A---- C:\WINDOWS\system32\mos.dll
2016-01-28 10:47:51 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-01-28 10:47:51 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-01-28 10:47:50 ----A---- C:\WINDOWS\system32\InputService.dll
2016-01-28 10:47:50 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-01-28 10:47:50 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-01-28 10:47:49 ----A---- C:\WINDOWS\system32\WpcMon.exe
2016-01-28 10:47:48 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-01-28 10:47:48 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-01-28 10:47:47 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-01-28 10:47:47 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 10:47:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-01-28 10:47:46 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 10:47:46 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-01-28 10:47:46 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 10:47:45 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\msctf.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-28 10:47:43 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 10:47:43 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 10:47:43 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\MTFServer.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\system32\MTF.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\SimCfg.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\system32\srcore.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-01-28 10:47:39 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\SimCfg.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\services.exe
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\SYSWOW64\SimAuth.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\wscapi.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\SimAuth.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\rasdlg.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\DDDS.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\system32\wlidcli.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\rastls.dll
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\invagent.dll
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-28 10:47:34 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\pcaui.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\FilterDS.dll
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-28 10:47:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 10:47:33 ----A---- C:\WINDOWS\SYSWOW64\rasautou.exe
2016-01-28 10:47:33 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 10:47:33 ----A---- C:\WINDOWS\system32\rasautou.exe
2016-01-28 10:47:33 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\winhttpcom.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\winbio.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\rasadhlp.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\winbio.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\sscoreext.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\rastlsext.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\rasauto.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2016-01-15 18:50:07 ----D---- C:\WINDOWS\Minidump
2016-01-13 11:32:49 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-01-13 11:32:48 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:32:46 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:32:45 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-01-13 11:32:45 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-01-13 11:32:45 ----A---- C:\WINDOWS\system32\usermgr.dll
2016-01-13 11:32:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-01-13 11:32:44 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:32:44 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-01-13 11:32:43 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-01-13 11:32:43 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:32:43 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:32:43 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 11:32:42 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-01-13 11:32:42 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-01-13 11:32:42 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:32:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 11:32:42 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:32:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-01-13 11:32:41 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-01-13 11:32:41 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 11:32:40 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-01-13 11:32:39 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:32:39 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-01-13 11:32:37 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\PhoneService.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\mftranscode.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\winload.exe
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\usermgrcli.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\ProximityCommon.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\omadmclient.exe
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-01-13 11:32:34 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-01-13 11:32:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-01-13 11:32:33 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2016-01-13 11:32:33 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 11:32:33 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-07 22:48:02 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-01-06 10:56:13 ----D---- C:\ProgramData\BitRaider
2016-01-05 17:51:37 ----D---- C:\Program Files (x86)\Electronic Arts
2016-01-02 12:50:03 ----HD---- C:\$Windows.~WS

======List of files/folders modified in the last 1 month======

2016-01-30 09:48:52 ----D---- C:\Program Files\trend micro
2016-01-30 09:47:43 ----D---- C:\Program Files (x86)\Steam
2016-01-30 09:46:47 ----D---- C:\WINDOWS\Prefetch
2016-01-30 09:46:35 ----D---- C:\WINDOWS\Temp
2016-01-30 09:43:27 ----D---- C:\WINDOWS\system32\sru
2016-01-30 09:42:44 ----D---- C:\WINDOWS\system32\Tasks
2016-01-30 09:41:43 ----RD---- C:\Program Files (x86)
2016-01-30 09:41:42 ----D---- C:\AdwCleaner
2016-01-30 08:33:33 ----D---- C:\WINDOWS\AppReadiness
2016-01-30 08:28:23 ----HD---- C:\Program Files\WindowsApps
2016-01-29 18:27:08 ----D---- C:\WINDOWS\system32\NDF
2016-01-29 09:01:57 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-28 21:54:47 ----SHD---- C:\WINDOWS\Installer
2016-01-28 21:54:45 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-01-28 21:54:12 ----D---- C:\Program Files (x86)\Common Files
2016-01-28 21:52:36 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-01-28 21:41:29 ----D---- C:\WINDOWS\system32\config
2016-01-28 21:37:24 ----D---- C:\WINDOWS\System32
2016-01-28 21:37:24 ----D---- C:\WINDOWS\INF
2016-01-28 21:37:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-28 21:31:05 ----D---- C:\WINDOWS\WinSxS
2016-01-28 21:29:01 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-01-28 21:29:01 ----D---- C:\WINDOWS\SysWOW64
2016-01-28 21:29:01 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 21:29:00 ----SD---- C:\WINDOWS\system32\F12
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\oobe
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\migration
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\drivers
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\appraiser
2016-01-28 21:28:59 ----RD---- C:\WINDOWS\PurchaseDialog
2016-01-28 21:28:59 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-01-28 21:28:58 ----D---- C:\WINDOWS\bcastdvr
2016-01-28 21:28:58 ----D---- C:\WINDOWS\AppPatch
2016-01-28 21:28:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-28 10:58:22 ----D---- C:\WINDOWS\CbsTemp
2016-01-28 10:41:28 ----D---- C:\WINDOWS\system32\catroot2
2016-01-25 19:30:45 ----SHD---- C:\System Volume Information
2016-01-21 23:05:21 ----AD---- C:\Program Files (x86)\Opera
2016-01-21 19:58:08 ----AD---- C:\Program Files (x86)\Overwolf
2016-01-18 11:02:43 ----RSD---- C:\WINDOWS\assembly
2016-01-16 22:02:24 ----D---- C:\WINDOWS\system32\MRT
2016-01-16 21:56:09 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-15 18:50:07 ----D---- C:\Windows
2016-01-14 22:56:35 ----D---- C:\WINDOWS\system32\Boot
2016-01-14 22:52:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-12 00:28:49 ----D---- C:\Users\Zora\AppData\Roaming\TS3Client
2016-01-07 13:37:15 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-01-06 18:20:35 ----D---- C:\WINDOWS\system32\WDI
2016-01-06 10:56:13 ----HD---- C:\ProgramData
2016-01-03 02:40:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-01-02 13:26:28 ----DC---- C:\WINDOWS\Panther
2016-01-02 12:50:02 ----D---- C:\WINDOWS\Logs
2016-01-02 12:45:54 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-01-02 12:45:54 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem8.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2013-12-13 36608]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-12-08 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-12-08 273784]
R0 BTATH_BUS;@oem10.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-12-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 APXACC;@oem3.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2014-03-28 225504]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-12-08 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-12-20 97648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-12-08 155304]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2015-10-30 4207104]
R3 AtiHDAudioService;@oem1.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2015-10-30 165376]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-10-30 112640]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2015-10-30 36864]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-01-05 245760]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2015-10-30 84992]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-04-08 3917272]
R3 LMDriver;@oem12.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 RadioShim;@oem12.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-10-30 175104]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 RTSPER;@oem2.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
R3 SynRMIHID;@oem4.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [2014-02-19 42224]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2016-01-06 78088]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-01-05 953856]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-15 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-04 351944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-08 226440]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2015-11-17 2860760]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-01-17 2772720]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-10-12 349728]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 OneSyncSvc_444cc;Hostitel synchronizace_444cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2014-06-26 449768]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-05 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1beb7e;Hostitel synchronizace_1beb7e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_39d7c;Hostitel synchronizace_39d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3b4c8;Hostitel synchronizace_3b4c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3f25a;Hostitel synchronizace_3f25a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_64f5b;Hostitel synchronizace_64f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_87138;Hostitel synchronizace_87138; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_cf525;Hostitel synchronizace_cf525; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2016-01-06 363208]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-10-12 209952]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-05 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1beb7e;Služba zasílání zpráv_1beb7e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_39d7c;Služba zasílání zpráv_39d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3b4c8;Služba zasílání zpráv_3b4c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3f25a;Služba zasílání zpráv_3f25a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_444cc;Služba zasílání zpráv_444cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_64f5b;Služba zasílání zpráv_64f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_87138;Služba zasílání zpráv_87138; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_cf525;Služba zasílání zpráv_cf525; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-07 146888]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-11-06 2099208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-01-17 212176]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-06 1009904]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1beb7e;Data kontaktů_1beb7e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_39d7c;Data kontaktů_39d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3b4c8;Data kontaktů_3b4c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3f25a;Data kontaktů_3f25a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_444cc;Data kontaktů_444cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_64f5b;Data kontaktů_64f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_87138;Data kontaktů_87138; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_cf525;Data kontaktů_cf525; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-10 836176]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Děkuji za pomoc

#2 Příspěvek od **Rudy** » 30 led 2016 11:34

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

zooh · #3 Příspěvek od **zooh** » 30 led 2016 18:53

No tento log co jsem sem dala už je po projetí AdwClenerem. Jak jsem psala v úvodu.

#4 Příspěvek od **Rudy** » 30 led 2016 19:17

OK. Jen jsem chtěl vidět log ADW. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

zooh · #5 Příspěvek od **zooh** » 31 led 2016 15:30

All processes killed
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Public

User: Zora
->Temp folder emptied: 344419891 bytes
->Temporary Internet Files folder emptied: 145974014 bytes
->FireFox cache emptied: 375921519 bytes
->Google Chrome cache emptied: 375109759 bytes
->Flash cache emptied: 2363 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 78720732 bytes
RecycleBin emptied: 3457830 bytes

Total Files Cleaned = 1 262,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Public

User: Zora
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.21.0 log created on 01312016_125817

Files moved on Reboot...
C:\Users\Zora\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\officeclicktorun.exe_streamserver(201601300944418F8).log not found!
C:\WINDOWS\temp\VITEZOVE-20160130-0944.log moved successfully.

Registry entries deleted on Reboot...

#6 Příspěvek od **Rudy** » 31 led 2016 17:42

Poprosím ještě o jeden RSIT.

zooh · #7 Příspěvek od **zooh** » 10 úno 2016 19:48

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zora at 2016-02-10 19:47:46
Microsoft Windows 10 Home
System drive C: has 542 GB (58%) free of 936 GB
Total RAM: 7114 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:47:49, on 10.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe
C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Zora.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6E6C2A194A898AB3493229E83B1D1BE2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [AcerPortal] "C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" startup
O4 - HKCU\..\Run: [RemoteFilesTrayIcon] "C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe" --hideUI
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12571 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Zora\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-3526991197-1805786046-1037397184-1001 -c 496 -s 484 -g "C:\ProgramData\acer\CCD"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
dashost.exe {22bf8cf7-2592-4b5f-8be935eef4c21c14}
atieclxx
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe" --hideUI
"C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Acer\Acer Quick Access\RMSvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe" task
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4460.0.1293550246\142740033" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x1318 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.1.1099884217\255874568" --font-cache-shared-handle=2284 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.2.1831690290\613555287" --font-cache-shared-handle=2460 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.3.1077168335\1900102598" --font-cache-shared-handle=2468 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.4.39400823\1485890374" --font-cache-shared-handle=2716 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.5.854586392\921789490" --font-cache-shared-handle=2836 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.6.1374361419\827140020" --font-cache-shared-handle=3104 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.10.719582223\1059582002" --font-cache-shared-handle=6912 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.11.229865628\505947012" --font-cache-shared-handle=3756 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.12.176468732\2089939355" --font-cache-shared-handle=8632 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.13.459678223\1557757710" --font-cache-shared-handle=8944 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.14.408097053\2011574068" --font-cache-shared-handle=8940 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4460.16.1505329281\1895012196" --ppapi-flash-args --lang=cs --device-scale-factor=1 --font-cache-shared-handle=6064 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.17.780163042\692839554" --font-cache-shared-handle=9508 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.18.486896498\208383892" --font-cache-shared-handle=8188 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.19.987093346\1901865038" --font-cache-shared-handle=10328 /prefetch:673131151
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.ZuneMusic.wwa
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
taskhostw.exe
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Stable_EthersuggestPrefix_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/*SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4460.49.748280112\706965955" --font-cache-shared-handle=1708 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4460.50.365364274\1372882305" --ppapi-flash-args --lang=cs --device-scale-factor=1 --font-cache-shared-handle=9704 --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Users\Zora\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Zora\AppData\Roaming\Mozilla\Firefox\Profiles\jxzsrlfy.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll

C:\Users\Zora\AppData\Roaming\Mozilla\Firefox\Profiles\jxzsrlfy.default\searchplugins\
McSiteAdvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-19 230080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-18 2093360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-08 664184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_6E6C2A194A898AB3493229E83B1D1BE2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-02-03 748872]
"Spotify Web Helper"=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [2015-03-18 1168896]
"AcerPortal"=C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19 2732760]
"RemoteFilesTrayIcon"=C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe [2015-11-10 2289880]
"OneDrive"=C:\Users\Zora\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-03 551112]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-12-10 3013200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-21 767176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-08 7021880]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-10 15:32:02 ----D---- C:\ProgramData\Gibraltar
2016-02-10 14:36:48 ----HD---- C:\OneDriveTemp
2016-02-10 12:56:00 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-02-10 12:55:59 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-02-10 12:55:57 ----A---- C:\WINDOWS\system32\shell32.dll
2016-02-10 12:55:55 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-02-10 12:55:53 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-02-10 12:55:52 ----A---- C:\WINDOWS\system32\twinui.dll
2016-02-10 12:55:51 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-02-10 12:55:49 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-02-10 12:55:48 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 12:55:47 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-02-10 12:55:46 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-02-10 12:55:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 12:55:44 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-02-10 12:55:44 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 12:55:43 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-02-10 12:55:42 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-02-10 12:55:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-02-10 12:55:41 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-02-10 12:55:41 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 12:55:40 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-02-10 12:55:40 ----A---- C:\WINDOWS\system32\wininet.dll
2016-02-10 12:55:40 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 12:55:39 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 12:55:38 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-02-10 12:55:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-02-10 12:55:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-02-10 12:55:38 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 12:55:38 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-02-10 12:55:37 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 12:55:37 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 12:55:37 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 12:55:36 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 12:55:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 12:55:36 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 12:55:36 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 12:55:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 12:55:35 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 12:55:35 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-02-10 12:55:35 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 12:55:35 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-02-10 12:55:34 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-02-10 12:55:34 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 12:55:34 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-02-10 12:55:33 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 12:55:33 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 12:55:33 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 12:55:33 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 12:55:33 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 12:55:33 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 12:55:33 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 12:55:33 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 12:55:32 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 12:55:32 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 12:55:32 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 12:55:32 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 12:55:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 12:55:31 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-02-10 12:55:31 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 12:55:31 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 12:55:31 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-02-10 12:55:31 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 12:55:30 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-02-10 12:55:30 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-02-10 12:55:30 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 12:55:30 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-01-31 12:58:17 ----D---- C:\_OTM
2016-01-28 10:48:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 10:48:20 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 10:48:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-01-28 10:48:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 10:47:56 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-01-28 10:47:56 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-01-28 10:47:55 ----A---- C:\WINDOWS\system32\mos.dll
2016-01-28 10:47:51 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-01-28 10:47:51 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-01-28 10:47:50 ----A---- C:\WINDOWS\system32\InputService.dll
2016-01-28 10:47:50 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-01-28 10:47:50 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-01-28 10:47:49 ----A---- C:\WINDOWS\system32\WpcMon.exe
2016-01-28 10:47:48 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-01-28 10:47:48 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-01-28 10:47:47 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-01-28 10:47:47 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 10:47:46 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 10:47:46 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-01-28 10:47:46 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 10:47:45 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\msctf.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-01-28 10:47:45 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 10:47:44 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-28 10:47:43 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 10:47:43 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 10:47:43 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\MTFServer.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 10:47:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 10:47:41 ----A---- C:\WINDOWS\system32\MTF.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\SimCfg.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-01-28 10:47:40 ----A---- C:\WINDOWS\system32\srcore.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\SimCfg.dll
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\services.exe
2016-01-28 10:47:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\SYSWOW64\SimAuth.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\wscapi.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\SimAuth.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\rasdlg.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 10:47:38 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\DDDS.dll
2016-01-28 10:47:37 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\system32\wlidcli.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 10:47:36 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\rastls.dll
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\invagent.dll
2016-01-28 10:47:35 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-28 10:47:34 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\pcaui.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\FilterDS.dll
2016-01-28 10:47:34 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-28 10:47:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 10:47:33 ----A---- C:\WINDOWS\SYSWOW64\rasautou.exe
2016-01-28 10:47:33 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 10:47:33 ----A---- C:\WINDOWS\system32\rasautou.exe
2016-01-28 10:47:33 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\winhttpcom.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\winbio.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\SYSWOW64\rasadhlp.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\winbio.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\sscoreext.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\rastlsext.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\rasauto.dll
2016-01-28 10:47:32 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2016-01-15 18:50:07 ----D---- C:\WINDOWS\Minidump
2016-01-13 11:32:48 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:32:46 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:32:45 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-01-13 11:32:45 ----A---- C:\WINDOWS\system32\usermgr.dll
2016-01-13 11:32:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-01-13 11:32:44 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-01-13 11:32:43 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-01-13 11:32:43 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:32:43 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 11:32:42 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-01-13 11:32:42 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-01-13 11:32:42 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:32:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 11:32:42 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:32:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-01-13 11:32:41 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 11:32:40 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-01-13 11:32:39 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-01-13 11:32:39 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:32:39 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 11:32:38 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-01-13 11:32:37 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\PhoneService.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\mftranscode.dll
2016-01-13 11:32:37 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\winload.exe
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:32:36 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\usermgrcli.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\SYSWOW64\ProximityCommon.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\omadmclient.exe
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 11:32:35 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-01-13 11:32:34 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2016-01-13 11:32:34 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-01-13 11:32:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-01-13 11:32:33 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2016-01-13 11:32:33 ----A---- C:\WINDOWS\system32\aepic.dll

======List of files/folders modified in the last 1 month======

2016-02-10 19:47:48 ----D---- C:\Program Files\trend micro
2016-02-10 19:44:41 ----D---- C:\WINDOWS\Temp
2016-02-10 19:38:00 ----D---- C:\WINDOWS\system32\sru
2016-02-10 19:17:23 ----D---- C:\WINDOWS\Prefetch
2016-02-10 15:32:02 ----HD---- C:\ProgramData
2016-02-10 14:57:54 ----D---- C:\WINDOWS\Microsoft.NET
2016-02-10 14:57:52 ----RSD---- C:\WINDOWS\assembly
2016-02-10 14:43:55 ----D---- C:\WINDOWS\system32\config
2016-02-10 14:41:08 ----D---- C:\Program Files (x86)\Steam
2016-02-10 14:34:44 ----D---- C:\WINDOWS\WinSxS
2016-02-10 14:31:26 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-02-10 14:31:26 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-02-10 14:31:26 ----D---- C:\WINDOWS\SysWOW64
2016-02-10 14:31:25 ----D---- C:\WINDOWS\system32\en-US
2016-02-10 14:31:25 ----D---- C:\WINDOWS\system32\cs-CZ
2016-02-10 14:31:25 ----D---- C:\WINDOWS\System32
2016-02-10 14:31:20 ----D---- C:\WINDOWS\INF
2016-02-10 14:31:20 ----D---- C:\Windows
2016-02-10 14:31:20 ----D---- C:\Program Files\Windows Journal
2016-02-10 14:31:17 ----D---- C:\WINDOWS\system32\drivers
2016-02-10 14:30:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-02-10 14:23:35 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 14:23:35 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-10 14:23:18 ----D---- C:\WINDOWS\CbsTemp
2016-02-10 14:21:56 ----SHD---- C:\System Volume Information
2016-02-10 12:46:54 ----D---- C:\WINDOWS\system32\catroot2
2016-02-10 10:04:10 ----D---- C:\WINDOWS\AppReadiness
2016-02-10 09:17:03 ----SHD---- C:\WINDOWS\Installer
2016-02-10 09:12:41 ----RD---- C:\Program Files (x86)
2016-02-10 09:12:37 ----D---- C:\WINDOWS\Tasks
2016-02-10 09:07:53 ----HD---- C:\Program Files\WindowsApps
2016-02-09 09:12:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-05 10:37:46 ----D---- C:\WINDOWS\system32\Tasks
2016-02-05 10:37:33 ----D---- C:\Program Files (x86)\Acer
2016-02-05 10:37:22 ----HD---- C:\OEM
2016-02-05 08:46:58 ----AD---- C:\Program Files (x86)\Opera
2016-02-04 20:54:07 ----D---- C:\Users\Zora\AppData\Roaming\TS3Client
2016-02-03 20:01:17 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-02-03 09:02:57 ----D---- C:\WINDOWS\system32\WDI
2016-02-02 13:58:10 ----AD---- C:\Program Files (x86)\Overwolf
2016-01-31 13:25:16 ----D---- C:\WINDOWS\rescache
2016-01-30 09:41:42 ----D---- C:\AdwCleaner
2016-01-29 18:27:08 ----D---- C:\WINDOWS\system32\NDF
2016-01-28 21:54:45 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-01-28 21:54:12 ----D---- C:\Program Files (x86)\Common Files
2016-01-28 21:52:36 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-01-28 21:29:01 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-01-28 21:29:01 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 21:29:00 ----SD---- C:\WINDOWS\system32\F12
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\oobe
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\migration
2016-01-28 21:29:00 ----D---- C:\WINDOWS\system32\appraiser
2016-01-28 21:28:59 ----RD---- C:\WINDOWS\PurchaseDialog
2016-01-28 21:28:59 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-01-28 21:28:58 ----D---- C:\WINDOWS\bcastdvr
2016-01-28 21:28:58 ----D---- C:\WINDOWS\AppPatch
2016-01-14 22:56:35 ----D---- C:\WINDOWS\system32\Boot
2016-01-14 22:52:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-14 22:52:34 ----AD---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem8.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2013-12-13 36608]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-12-08 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-12-08 273784]
R0 BTATH_BUS;@oem10.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-12-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 APXACC;@oem3.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2014-03-28 225504]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-12-08 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-12-20 97648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-12-08 155304]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2015-10-30 4207104]
R3 AtiHDAudioService;@oem1.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2015-10-30 165376]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-10-30 112640]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2015-10-30 36864]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-01-05 245760]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2015-10-30 84992]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-04-08 3917272]
R3 LMDriver;@oem12.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 RadioShim;@oem12.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-10-30 175104]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 RTSPER;@oem2.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
R3 SynRMIHID;@oem4.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [2014-02-19 42224]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2016-01-06 78088]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-01-05 953856]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-15 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-04 351944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-08 226440]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2016-01-14 2860760]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-01-17 2772720]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-10-12 349728]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 OneSyncSvc_b63e7;Hostitel synchronizace_b63e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 PimIndexMaintenanceSvc_b63e7;Data kontaktů_b63e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2014-06-26 449768]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-05 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1beb7e;Hostitel synchronizace_1beb7e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_39d7c;Hostitel synchronizace_39d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3b4c8;Hostitel synchronizace_3b4c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3f25a;Hostitel synchronizace_3f25a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_64f5b;Hostitel synchronizace_64f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_87138;Hostitel synchronizace_87138; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_cf525;Hostitel synchronizace_cf525; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2016-01-06 363208]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-10-12 209952]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-05 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1beb7e;Služba zasílání zpráv_1beb7e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_39d7c;Služba zasílání zpráv_39d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3b4c8;Služba zasílání zpráv_3b4c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3f25a;Služba zasílání zpráv_3f25a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_64f5b;Služba zasílání zpráv_64f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_87138;Služba zasílání zpráv_87138; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_b63e7;Služba zasílání zpráv_b63e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_cf525;Služba zasílání zpráv_cf525; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-07 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-11-06 2099208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-01-17 212176]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-20 1009392]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1beb7e;Data kontaktů_1beb7e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_39d7c;Data kontaktů_39d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3b4c8;Data kontaktů_3b4c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3f25a;Data kontaktů_3f25a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_64f5b;Data kontaktů_64f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_87138;Data kontaktů_87138; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_cf525;Data kontaktů_cf525; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-10 836176]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 10 úno 2016 20:13

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

zooh · #9 Příspěvek od **zooh** » 15 úno 2016 17:41

Řekla bych, že ano, rozhodně reklamy už nevyskakují. Děkuji

#10 Příspěvek od **Rudy** » 15 úno 2016 18:41

Rádo se stalo!

VIRY.CZ

Firefox mi hází web "vyhráli jste iPhone"

Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"

Re: Firefox mi hází web "vyhráli jste iPhone"