windows explorer stale pada

Zpráva

Vasil · #1 Příspěvek od **Vasil** » 29 čer 2016 14:30

Prosím o kontrolu, v pc sa pri kopirovany suborov skoro vzdy objavi hlaska, ze windows explorer má problém a nasledne sa restartuje:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Škola at 2016-06-29 15:25:00
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 67 GB (49%) free of 138 GB
Total RAM: 2047 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:25:06, on 29. 6. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE
C:\Program Files\Activ Software\ActivDriver\FlashExtension\flashbridge-wrapper-crossplatform.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Škola.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5z4734r12r
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [VEIVBCKWW] C:\Windows\SysWOW64\C_1252R.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ActivSDK Flash Extension.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Activcontrol (ActivControl) - Promethean - C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Acer SmartBoot Service (ASLSvc) - Acer Incorporated - C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9743 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe"
"C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe"
"C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe"
"C:\Program Files\Acer\Empowering Technology\Service\ETService.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
"C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE !hide Canon LBP6000/LBP6018
"C:\Program Files\Activ Software\ActivDriver\FlashExtension\flashbridge-wrapper-crossplatform.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-816b9a76-a96a-416f-8f24-d77a926355a7 -SystemEventPortName:HostProcess-73db31c0-aeb5-4f47-943c-65c957efe44d -IoCancelEventPortName:HostProcess-ef977399-fbba-4e29-8a56-1c6b3fee7666 -NonStateChangingEventPortName:HostProcess-99e8e55a-f736-4c05-adb2-ea84e5dcd393 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e773a8ed-b8e7-42ca-84f0-819a82e8cb2a -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
explorer.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 4"
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Škola\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=51.0.2704.103 --handshake-handle=0xd8
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Control/ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledTimeLossLargeReduction/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --type=gpu-process --channel="4452.0.1353109390\490117493" --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,13,25,54,69 --gpu-vendor-id=0x10de --gpu-device-id=0x0a22 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --mojo-platform-channel-handle=980 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledTimeLossLargeReduction/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=28B3324F9198574D5FC72CD7F9FCAC47 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="4452.1.2125843913\42262838" --mojo-platform-channel-handle=1776 /prefetch:1
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledTimeLossLargeReduction/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=144ABA58F2EF1467F460F7F8634928F5 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="4452.2.1329021650\422034303" --mojo-platform-channel-handle=2692 /prefetch:1
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Škola\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d091308bf8ada2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d0e49e701e37d2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d12e631ec8e04.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d15e7bd62942c2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d1ab64ea0584a6.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA1d091308c8fbfb8.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA1d0e49e70ab37a2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Škola\AppData\Roaming\Mozilla\Firefox\Profiles\gx454sqd.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
nppl3260.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpplugin.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-27 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoLockProcess"=C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [2009-02-17 446464]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-02-01 349552]
"Acer PowerSaver"=C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [2009-04-17 536576]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-11-17 9608224]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2010-01-11 226784]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2014-09-24 4124360]
"MFNetworkScanUtility"=C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [2012-09-27 486552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"VEIVBCKWW"=C:\Windows\SysWOW64\C_1252R.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer SmartBoot]
C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe [2009-05-13 448000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivManager]
C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe [2012-11-28 712584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe [2014-11-28 193568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-16 91432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-11-18 261888]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-09-27 296096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"VEIVBCKWW"=C:\Windows\SysWOW64\C_1252R.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ActivSDK Flash Extension.lnk - C:\Windows\Installer\{BFC24411-3445-4494-88B8-C44DF15D3258}\NewShortcut1_08A9BB67B3284FEA9EC29BCD3F863A4A.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2016-06-29 15:25:00 ----D---- C:\rsit
2016-06-29 15:25:00 ----D---- C:\Program Files\trend micro
2016-06-29 15:12:02 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-06-15 13:25:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-06-15 13:25:36 ----A---- C:\Windows\system32\tzres.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\wdigest.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\ncrypt.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\lsasrv.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\srv.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\cng.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\certcli.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-06-15 13:25:12 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-06-15 13:25:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-06-15 13:25:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\schannel.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\msv1_0.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\kerberos.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\TSpkg.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\sspisrv.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\sspicli.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\secur32.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\rpchttp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\lsass.exe
2016-06-15 13:25:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-06-15 13:25:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-06-15 13:25:11 ----A---- C:\Windows\system32\cryptbase.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\credssp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\auditpol.exe
2016-06-15 13:25:11 ----A---- C:\Windows\system32\adtschema.dll
2016-06-15 13:25:10 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-06-15 13:25:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-06-15 13:25:10 ----A---- C:\Windows\system32\msobjs.dll
2016-06-15 13:25:10 ----A---- C:\Windows\system32\msaudite.dll
2016-06-15 13:24:47 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\lpk.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\fontsub.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\dciman32.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\atmfd.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-06-15 13:24:46 ----A---- C:\Windows\system32\atmlib.dll
2016-06-15 13:24:44 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-06-15 13:24:44 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-06-15 13:24:42 ----A---- C:\Windows\system32\win32k.sys
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\ws2_32.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\winhttp.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\netbtugc.exe
2016-06-15 13:24:40 ----A---- C:\Windows\system32\mswsock.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\polstore.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpsvc.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpscript.exe
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpscript.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpprefcl.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpapi.dll
2016-06-15 13:24:33 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-06-15 13:24:33 ----A---- C:\Windows\system32\winipsec.dll
2016-06-15 13:24:33 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 13:24:12 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-06-15 13:24:12 ----A---- C:\Windows\system32\gdi32.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-06-15 13:17:01 ----A---- C:\Windows\system32\iernonce.dll
2016-06-15 13:17:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-06-15 13:17:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-06-15 13:17:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-06-15 13:17:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-06-15 13:17:00 ----A---- C:\Windows\system32\inseng.dll
2016-06-15 13:17:00 ----A---- C:\Windows\system32\ie4uinit.exe
2016-06-15 13:16:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-06-15 13:16:59 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-06-15 13:16:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-06-15 13:16:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-06-15 13:16:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 13:16:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-06-15 13:16:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-06-15 13:16:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-06-15 13:16:54 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\urlmon.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\occache.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\iedkcs32.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-06-15 13:16:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-15 13:16:53 ----A---- C:\Windows\system32\msfeeds.dll
2016-06-15 13:16:53 ----A---- C:\Windows\system32\dxtrans.dll
2016-06-15 13:16:52 ----A---- C:\Windows\system32\iesetup.dll
2016-06-15 13:16:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-06-15 13:16:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-06-15 13:16:51 ----A---- C:\Windows\system32\iertutil.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-06-15 13:16:50 ----A---- C:\Windows\system32\vbscript.dll
2016-06-15 13:16:50 ----A---- C:\Windows\system32\jsproxy.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\mshtmled.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\ieui.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\ieframe.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\dxtmsft.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\webcheck.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\jscript9diag.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\jscript9.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\jscript.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\ieUnatt.exe
2016-06-15 13:16:46 ----A---- C:\Windows\system32\wininet.dll
2016-06-15 13:16:46 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-06-15 13:16:45 ----A---- C:\Windows\system32\msrating.dll
2016-06-15 13:16:45 ----A---- C:\Windows\system32\mshtml.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\invagent.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\generaltel.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\devinv.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-06-15 11:22:21 ----A---- C:\Windows\system32\centel.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\appraiser.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\aeinv.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\acmigration.dll
2016-06-15 11:22:20 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-06-15 11:22:20 ----A---- C:\Windows\system32\webio.dll
2016-06-15 11:22:15 ----A---- C:\Windows\system32\shell32.dll
2016-06-15 11:22:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-06-15 11:22:13 ----A---- C:\Windows\explorer.exe
2016-06-15 11:22:12 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-06-15 11:22:12 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-06-15 11:22:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-06-15 11:18:54 ----A---- C:\Windows\system32\authui.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msimsg.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msihnd.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msiexec.exe
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msi.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\consent.exe
2016-06-15 11:18:53 ----A---- C:\Windows\system32\appinfo.dll

======List of files/folders modified in the last 1 month======

2016-06-29 15:25:02 ----D---- C:\Windows\Temp
2016-06-29 15:25:00 ----RD---- C:\Program Files
2016-06-29 15:20:33 ----RD---- C:\Users
2016-06-29 15:20:27 ----D---- C:\Windows\system32\config
2016-06-29 15:19:02 ----D---- C:\Windows
2016-06-29 15:17:36 ----D---- C:\ProgramData\NVIDIA
2016-06-29 15:17:18 ----D---- C:\Windows\System32
2016-06-29 15:13:12 ----D---- C:\Windows\inf
2016-06-29 15:12:20 ----D---- C:\Windows\SysWOW64
2016-06-29 15:12:19 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-29 15:10:15 ----D---- C:\Program Files\NVIDIA Corporation
2016-06-29 15:09:00 ----D---- C:\Windows\system32\drivers
2016-06-29 15:08:48 ----D---- C:\Windows\system32\DriverStore
2016-06-29 15:03:39 ----D---- C:\Windows\Prefetch
2016-06-29 14:36:37 ----D---- C:\SVS_Proforient ZS
2016-06-29 14:36:06 ----SHD---- C:\Windows\Installer
2016-06-29 14:36:03 ----RD---- C:\Program Files (x86)
2016-06-29 14:27:26 ----SHD---- C:\$Recycle.Bin
2016-06-29 14:19:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-28 15:37:24 ----A---- C:\Windows\AgReport.INI
2016-06-28 14:13:13 ----D---- C:\Windows\debug
2016-06-27 14:17:08 ----D---- C:\Windows\system32\NDF
2016-06-23 12:05:14 ----D---- C:\Windows\system32\Tasks
2016-06-16 06:23:05 ----D---- C:\Windows\winsxs
2016-06-16 06:19:33 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-06-16 06:19:33 ----D---- C:\Windows\system32\sk-SK
2016-06-16 06:19:31 ----D---- C:\Windows\SYSWOW64\en-US
2016-06-16 06:19:30 ----D---- C:\Windows\system32\en-US
2016-06-16 06:19:29 ----D---- C:\Windows\system32\wbem
2016-06-16 06:19:29 ----D---- C:\Windows\system32\appraiser
2016-06-16 06:19:29 ----D---- C:\Windows\AppPatch
2016-06-16 06:19:26 ----D---- C:\Windows\sk-SK
2016-06-16 06:19:23 ----D---- C:\Program Files\Internet Explorer
2016-06-16 06:19:21 ----D---- C:\Program Files (x86)\Internet Explorer
2016-06-15 14:57:32 ----D---- C:\ProgramData\Microsoft Help
2016-06-15 14:56:28 ----D---- C:\Windows\system32\MRT
2016-06-15 14:43:37 ----A---- C:\Windows\system32\MRT.exe
2016-06-15 13:17:36 ----D---- C:\Windows\system32\catroot2
2016-06-13 19:31:06 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-09 18:54:33 ----D---- C:\Users\Škola\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver; C:\Windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-03-12 25120]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-10 59064]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-08-19 219696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-08-19 155896]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-08-19 40512]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\Windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-03-12 100384]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-08-19 198096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-11-17 2037408]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 Cmprvg;Cmprvg; C:\Windows\system32\drivers\Cmprvg.sys [2012-05-23 223488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ActivControl;Activcontrol; C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe [2012-11-28 21400]
R2 ASLSvc;Acer SmartBoot Service; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [2009-05-13 502784]
R2 BcmSqlStartupSvc;Spúšacia služba produktu Business Contact Manager SQL Server; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [2014-09-24 1029704]
R2 eLockService;eLock Service; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2009-02-17 24576]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-02-18 24576]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-11-18 255744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2014-09-24 41672]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2014-09-24 190152]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-11 148080]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-20 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 29 čer 2016 18:02

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Vasil · #3 Příspěvek od **Vasil** » 30 čer 2016 06:53

# AdwCleaner v5.200 - Log vytvorený 30/06/2016 v 07:35:56
# Aktualizované 14/06/2016 by ToolsLib
# Databáza : 2016-06-29.1 [Server]
# Operačný systém : Windows 7 Professional Service Pack 1 (X64)
# Užívateľské meno : Škola - ZBOROVNA
# Spustené z : C:\Users\Škola\Desktop\adwcleaner_5.200.exe
# Nastavenie : Čistenie
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

***** [ Priečinky ] *****

[-] Priečinok Zmazané : C:\ProgramData\Partner
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Partner

***** [ Súbory ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupcovia ] *****

***** [ Naplánované úlohy ] *****

***** [ Registre ] *****

[-] Kľúč registra Zmazané : HKCU\Software\APN PIP
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Webové prehliadače ] *****

*************************

:: "Tracing" kľúče zmazané
:: Nastavenia Winsock resetované.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1098 bajtov] - [30/06/2016 07:35:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [1238 bajtov] - [30/06/2016 07:32:37]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1246 bajtov] ##########

#4 Příspěvek od **Rudy** » 30 čer 2016 17:40

Dejte nový log RSIT.

Vasil · #5 Příspěvek od **Vasil** » 01 črc 2016 09:10

Logfile of random's system information tool 1.10 (written by random/random)
Run by Škola at 2016-07-01 10:07:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 67 GB (49%) free of 138 GB
Total RAM: 2047 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:26, on 1. 7. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE
C:\Program Files\Activ Software\ActivDriver\FlashExtension\flashbridge-wrapper-crossplatform.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
c:\program files (x86)\real\realplayer\update\realsched.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Škola.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5z4734r12r
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [VEIVBCKWW] C:\Windows\SysWOW64\C_1252R.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ActivSDK Flash Extension.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Activcontrol (ActivControl) - Promethean - C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Acer SmartBoot Service (ASLSvc) - Acer Incorporated - C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9809 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe"
"C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe"
"C:\Program Files\Acer\Empowering Technology\Service\ETService.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b1eb498d-5f2b-4386-91aa-4e9c32dbb17b -SystemEventPortName:HostProcess-a792dae0-54a5-4a34-89d3-b46779432189 -IoCancelEventPortName:HostProcess-6fe6fe96-f096-4119-b756-b21dcab71a1b -NonStateChangingEventPortName:HostProcess-33e8abf0-4d71-4221-b9c0-c916ab0620be -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:aec80ae0-a7a9-40ea-9d40-fad6dfb7fe24 -DeviceGroupId:WpdFsGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE !hide Canon LBP6000/LBP6018
"C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files\Activ Software\ActivDriver\FlashExtension\flashbridge-wrapper-crossplatform.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
taskeng.exe {53E9A517-A819-4662-9200-5040CD3DB980}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"c:\program files (x86)\real\realplayer\update\realsched.exe"

"C:\Windows\Explorer.EXE"
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 4"
C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Škola\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=51.0.2704.103 --handshake-handle=0xd8
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Control/ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --type=gpu-process --channel="3960.0.134605130\2044612097" --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,13,25,54,69 --gpu-vendor-id=0x10de --gpu-device-id=0x0a22 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --mojo-platform-channel-handle=1084 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=D87D053231E08974C8589426C38E844F --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3960.2.1679277239\357405859" --mojo-platform-channel-handle=1988 /prefetch:1
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=92FF3B294CF01648AB6361DCEC8F156E --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3960.13.421925996\1496931754" --mojo-platform-channel-handle=1868 /prefetch:1
"C:\Users\Škola\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_34/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=9CAFB61F51E69941A83EB8E57B9C41BC --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3960.17.395844259\388049630" --mojo-platform-channel-handle=1820 /prefetch:1
"C:\Users\Škola\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d091308bf8ada2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d0e49e701e37d2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d12e631ec8e04.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d15e7bd62942c2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d1ab64ea0584a6.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA1d091308c8fbfb8.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA1d0e49e70ab37a2.job - C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Škola\AppData\Roaming\Mozilla\Firefox\Profiles\gx454sqd.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
nppl3260.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpplugin.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-27 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoLockProcess"=C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [2009-02-17 446464]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-02-01 349552]
"Acer PowerSaver"=C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [2009-04-17 536576]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-11-17 9608224]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2010-01-11 226784]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2014-09-24 4124360]
"MFNetworkScanUtility"=C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [2012-09-27 486552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"VEIVBCKWW"=C:\Windows\SysWOW64\C_1252R.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer SmartBoot]
C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe [2009-05-13 448000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivManager]
C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe [2012-11-28 712584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Škola\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe [2014-11-28 193568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-16 91432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-11-18 261888]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"TkBellExe"=c:\program files (x86)\real\realplayer\update\realsched.exe [2012-09-27 296096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"VEIVBCKWW"=C:\Windows\SysWOW64\C_1252R.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ActivSDK Flash Extension.lnk - C:\Windows\Installer\{BFC24411-3445-4494-88B8-C44DF15D3258}\NewShortcut1_08A9BB67B3284FEA9EC29BCD3F863A4A.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2016-06-30 07:32:24 ----D---- C:\AdwCleaner
2016-06-29 15:25:00 ----D---- C:\rsit
2016-06-29 15:25:00 ----D---- C:\Program Files\trend micro
2016-06-29 15:12:02 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-06-15 13:25:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-06-15 13:25:36 ----A---- C:\Windows\system32\tzres.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-06-15 13:25:13 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\wdigest.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\ncrypt.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\lsasrv.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\srv.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\drivers\cng.sys
2016-06-15 13:25:13 ----A---- C:\Windows\system32\certcli.dll
2016-06-15 13:25:13 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-06-15 13:25:12 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-06-15 13:25:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-06-15 13:25:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\schannel.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\msv1_0.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\kerberos.dll
2016-06-15 13:25:12 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-06-15 13:25:11 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\TSpkg.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\sspisrv.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\sspicli.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\secur32.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\rpchttp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\lsass.exe
2016-06-15 13:25:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-06-15 13:25:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-06-15 13:25:11 ----A---- C:\Windows\system32\cryptbase.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\credssp.dll
2016-06-15 13:25:11 ----A---- C:\Windows\system32\auditpol.exe
2016-06-15 13:25:11 ----A---- C:\Windows\system32\adtschema.dll
2016-06-15 13:25:10 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-06-15 13:25:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-06-15 13:25:10 ----A---- C:\Windows\system32\msobjs.dll
2016-06-15 13:25:10 ----A---- C:\Windows\system32\msaudite.dll
2016-06-15 13:24:47 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\lpk.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\fontsub.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\dciman32.dll
2016-06-15 13:24:47 ----A---- C:\Windows\system32\atmfd.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-06-15 13:24:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-06-15 13:24:46 ----A---- C:\Windows\system32\atmlib.dll
2016-06-15 13:24:44 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-06-15 13:24:44 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-06-15 13:24:42 ----A---- C:\Windows\system32\win32k.sys
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-06-15 13:24:40 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\ws2_32.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\winhttp.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\netbtugc.exe
2016-06-15 13:24:40 ----A---- C:\Windows\system32\mswsock.dll
2016-06-15 13:24:40 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-06-15 13:24:34 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\polstore.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpsvc.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpscript.exe
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpscript.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpprefcl.dll
2016-06-15 13:24:34 ----A---- C:\Windows\system32\gpapi.dll
2016-06-15 13:24:33 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-06-15 13:24:33 ----A---- C:\Windows\system32\winipsec.dll
2016-06-15 13:24:33 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 13:24:12 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-06-15 13:24:12 ----A---- C:\Windows\system32\gdi32.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-06-15 13:17:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-06-15 13:17:01 ----A---- C:\Windows\system32\iernonce.dll
2016-06-15 13:17:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-06-15 13:17:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-06-15 13:17:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-06-15 13:17:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-06-15 13:17:00 ----A---- C:\Windows\system32\inseng.dll
2016-06-15 13:17:00 ----A---- C:\Windows\system32\ie4uinit.exe
2016-06-15 13:16:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-06-15 13:16:59 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-06-15 13:16:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-06-15 13:16:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-06-15 13:16:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 13:16:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-06-15 13:16:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-06-15 13:16:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-06-15 13:16:54 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\urlmon.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\occache.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-06-15 13:16:54 ----A---- C:\Windows\system32\iedkcs32.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-06-15 13:16:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-06-15 13:16:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-15 13:16:53 ----A---- C:\Windows\system32\msfeeds.dll
2016-06-15 13:16:53 ----A---- C:\Windows\system32\dxtrans.dll
2016-06-15 13:16:52 ----A---- C:\Windows\system32\iesetup.dll
2016-06-15 13:16:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-06-15 13:16:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-06-15 13:16:51 ----A---- C:\Windows\system32\iertutil.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-06-15 13:16:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-06-15 13:16:50 ----A---- C:\Windows\system32\vbscript.dll
2016-06-15 13:16:50 ----A---- C:\Windows\system32\jsproxy.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\mshtmled.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\ieui.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\ieframe.dll
2016-06-15 13:16:48 ----A---- C:\Windows\system32\dxtmsft.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\webcheck.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\jscript9diag.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\jscript9.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\jscript.dll
2016-06-15 13:16:47 ----A---- C:\Windows\system32\ieUnatt.exe
2016-06-15 13:16:46 ----A---- C:\Windows\system32\wininet.dll
2016-06-15 13:16:46 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-06-15 13:16:45 ----A---- C:\Windows\system32\msrating.dll
2016-06-15 13:16:45 ----A---- C:\Windows\system32\mshtml.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\invagent.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\generaltel.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\devinv.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-06-15 11:22:21 ----A---- C:\Windows\system32\centel.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\appraiser.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\aeinv.dll
2016-06-15 11:22:21 ----A---- C:\Windows\system32\acmigration.dll
2016-06-15 11:22:20 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-06-15 11:22:20 ----A---- C:\Windows\system32\webio.dll
2016-06-15 11:22:15 ----A---- C:\Windows\system32\shell32.dll
2016-06-15 11:22:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-06-15 11:22:13 ----A---- C:\Windows\explorer.exe
2016-06-15 11:22:12 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-06-15 11:22:12 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-06-15 11:22:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-06-15 11:18:54 ----A---- C:\Windows\system32\authui.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-06-15 11:18:53 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msimsg.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msihnd.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msiexec.exe
2016-06-15 11:18:53 ----A---- C:\Windows\system32\msi.dll
2016-06-15 11:18:53 ----A---- C:\Windows\system32\consent.exe
2016-06-15 11:18:53 ----A---- C:\Windows\system32\appinfo.dll

======List of files/folders modified in the last 1 month======

2016-07-01 10:07:26 ----D---- C:\Windows\Prefetch
2016-07-01 10:07:22 ----D---- C:\Windows\Temp
2016-07-01 08:24:27 ----D---- C:\Windows\System32
2016-07-01 08:24:27 ----D---- C:\Windows\inf
2016-07-01 08:24:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-01 07:44:53 ----D---- C:\Windows\system32\Tasks
2016-07-01 07:37:46 ----D---- C:\Windows\system32\config
2016-07-01 07:35:23 ----D---- C:\ProgramData\NVIDIA
2016-06-30 10:14:40 ----A---- C:\Windows\AgReport.INI
2016-06-30 07:37:03 ----D---- C:\Windows
2016-06-30 07:35:56 ----HD---- C:\ProgramData
2016-06-29 15:25:00 ----RD---- C:\Program Files
2016-06-29 15:20:33 ----RD---- C:\Users
2016-06-29 15:12:20 ----D---- C:\Windows\SysWOW64
2016-06-29 15:12:19 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-29 15:10:15 ----D---- C:\Program Files\NVIDIA Corporation
2016-06-29 15:09:00 ----D---- C:\Windows\system32\drivers
2016-06-29 15:08:48 ----D---- C:\Windows\system32\DriverStore
2016-06-29 14:36:37 ----D---- C:\SVS_Proforient ZS
2016-06-29 14:36:06 ----SHD---- C:\Windows\Installer
2016-06-29 14:36:03 ----RD---- C:\Program Files (x86)
2016-06-29 14:27:26 ----SHD---- C:\$Recycle.Bin
2016-06-28 14:13:13 ----D---- C:\Windows\debug
2016-06-27 14:17:08 ----D---- C:\Windows\system32\NDF
2016-06-16 06:23:05 ----D---- C:\Windows\winsxs
2016-06-16 06:19:33 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-06-16 06:19:33 ----D---- C:\Windows\system32\sk-SK
2016-06-16 06:19:31 ----D---- C:\Windows\SYSWOW64\en-US
2016-06-16 06:19:30 ----D---- C:\Windows\system32\en-US
2016-06-16 06:19:29 ----D---- C:\Windows\system32\wbem
2016-06-16 06:19:29 ----D---- C:\Windows\system32\appraiser
2016-06-16 06:19:29 ----D---- C:\Windows\AppPatch
2016-06-16 06:19:26 ----D---- C:\Windows\sk-SK
2016-06-16 06:19:23 ----D---- C:\Program Files\Internet Explorer
2016-06-16 06:19:21 ----D---- C:\Program Files (x86)\Internet Explorer
2016-06-15 14:57:32 ----D---- C:\ProgramData\Microsoft Help
2016-06-15 14:56:28 ----D---- C:\Windows\system32\MRT
2016-06-15 14:43:37 ----A---- C:\Windows\system32\MRT.exe
2016-06-15 13:17:36 ----D---- C:\Windows\system32\catroot2
2016-06-13 19:31:06 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-09 18:54:33 ----D---- C:\Users\Škola\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver; C:\Windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-03-12 25120]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-10 59064]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-08-19 219696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-08-19 155896]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-08-19 40512]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\Windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-03-12 100384]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-08-19 198096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-11-17 2037408]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 Cmprvg;Cmprvg; C:\Windows\system32\drivers\Cmprvg.sys [2012-05-23 223488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ActivControl;Activcontrol; C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe [2012-11-28 21400]
R2 ASLSvc;Acer SmartBoot Service; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [2009-05-13 502784]
R2 BcmSqlStartupSvc;Spúšacia služba produktu Business Contact Manager SQL Server; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [2014-09-24 1029704]
R2 eLockService;eLock Service; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2009-02-17 24576]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-02-18 24576]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-11-18 255744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2014-09-24 41672]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2014-09-24 190152]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-11 148080]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-20 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 01 črc 2016 16:02

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d091308bf8ada2.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d0e49e701e37d2.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d12e631ec8e04.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d15e7bd62942c2.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000Core1d1ab64ea0584a6.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA1d091308c8fbfb8.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3185774080-2013866828-2729531283-1000UA1d0e49e70ab37a2.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"VEIVBCKWW"=-

:services
Nero BackItUp Scheduler 4.0

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

VIRY.CZ

windows explorer stale pada

windows explorer stale pada

Re: windows explorer stale pada

Re: windows explorer stale pada

Re: windows explorer stale pada

Re: windows explorer stale pada

Re: windows explorer stale pada