Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zamrznutí PC při Hraní čehokoliv

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Zamrznutí PC při Hraní čehokoliv

#1 Příspěvek od matesss »

Zdravím prosím o radu... dnes sem zkoušel hrát na pc .. a zničeho nic při far cry 3 zásek, dal jsem hard restart a při hraní far cry 4 to samé.
Pak jsem zkusil i méně náročné Call of duty 2 a zase ... Posím o radu ... C++ už jsem zkoušel reinstallovat.

Věřím že mi opět pomůžete ;-)


Zde je rsit log:


Logfile of random's system information tool 1.10 (written by random/random)
Run by Matee-es at 2016-10-05 18:22:51
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 59 GB (39%) free of 150 GB
Total RAM: 8092 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:22:52, on 5.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matee-es\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\Driver Booster\4.0.3\Scheduler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matee-es.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Matee-es\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hercules® DJ Control MP3 (HerculesDJControlMP3) - Guillemot Corporation ® - C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Solar Keyboard Service (L4301_Solar) - Logitech, Inc. - C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe

--
End of file - 12401 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\Logitech\SolarApp\L4301_Solar.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {522FDBFA-5B38-4CB3-B9C5-3CE38FCC681B}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {56BEF061-8CB6-4242-9252-A286E9A4807E}
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe"
C:\Windows\DAODx.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0xb4
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2868.0.858694238\409328412" --mojo-application-channel-token=5C38EB72CF2B1A37574AC230B624F87B --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Control/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,56,70 --gpu-vendor-id=0x10de --gpu-device-id=0x13c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.7290 --gpu-driver-date=9-16-2016 --mojo-platform-channel-handle=1156 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe" --xmlFilePath="C:\Users\Matee-es\AppData\Local\Temp\adobegc_a02804" --workflowInitiator=CSUpdater --xmlFilePath2="C:\Users\Public\Documents\AdobeGC\adobegc_a02804"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-8842122771391074013-49095548379688783419942965101493425672-1256724611326406957
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=A54DFD4C82A3A7FE13E384F5F037F534 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=719BFECAA9F506BA3AECC631D8228BFA --mojo-application-channel-token=A54DFD4C82A3A7FE13E384F5F037F534 --channel="2868.3.1817171836\1713050094" --mojo-platform-channel-handle=2584 /prefetch:1
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -l 3 -c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=0DC47CD5935CDAE07D386D5F029A4EBD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=1FD6CA42AA471CE4DA089D7A9B77C3A4 --mojo-application-channel-token=0DC47CD5935CDAE07D386D5F029A4EBD --channel="2868.7.1929900355\1850038635" --mojo-platform-channel-handle=5640 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=74B25E1C2105B3A2791FA42266B2DAF2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=5E880D5E645AD3540EA6589D12AAF128 --mojo-application-channel-token=74B25E1C2105B3A2791FA42266B2DAF2 --channel="2868.8.320998349\564977287" --mojo-platform-channel-handle=5988 /prefetch:1
"C:\Users\Matee-es\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=DCDA81A2A5130F8EF70B2D92E97AFDDF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BC777F927A34B28C5C431A3E382E5C14 --mojo-application-channel-token=DCDA81A2A5130F8EF70B2D92E97AFDDF --channel="2868.9.1128087652\251591033" --mojo-platform-channel-handle=6108 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=E319BF17837C394BA0449191892F0FF4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=86CB17E832BB793B44DD7FFD66FC069E --mojo-application-channel-token=E319BF17837C394BA0449191892F0FF4 --channel="2868.11.467238051\2044112267" --mojo-platform-channel-handle=3000 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=6B1A453AA961E7345A05EB777AA268ED --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=5B346B18F80B4CE8FF80F10D79AB8972 --mojo-application-channel-token=6B1A453AA961E7345A05EB777AA268ED --channel="2868.13.753195501\11837474" --mojo-platform-channel-handle=7564 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=65D8B8F43D98DA2FE96332DEE11D6F66 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=757FF3573F986028454E21BF2E6B2C56 --mojo-application-channel-token=65D8B8F43D98DA2FE96332DEE11D6F66 --channel="2868.14.2036614251\813878444" --mojo-platform-channel-handle=7956 /prefetch:1
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
WLIDSvcM.exe 5100
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\IObit\Driver Booster\4.0.3\Scheduler.exe" /scheduler
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=D95A045DED0CFCBA671820F840C51B1B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=6F3867875F2EF2CD6881F0458EF64A56 --mojo-application-channel-token=D95A045DED0CFCBA671820F840C51B1B --channel="2868.16.1379627424\854040530" --mojo-platform-channel-handle=3256 /prefetch:1
"C:\Users\Matee-es\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20 902624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2015-09-24 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20 679680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-09-25 966760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"uTorrent"=C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bloody2]
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2016-07-22 19228160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2015-12-07 1817248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Games DATA\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
C:\Program Files\BuzzDock\BuzzDock.dll [2015-05-11 2712064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
C:\PROGRA~2\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-09 28672]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-27 7408312]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-05 18:22:51 ----D---- C:\rsit
2016-10-05 18:22:51 ----D---- C:\Program Files\trend micro
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-10-05 17:53:07 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-10-05 17:52:20 ----A---- C:\Windows\system32\drivers\asmtxhci.sys
2016-10-05 17:47:33 ----D---- C:\Windows\IObit
2016-10-05 17:47:33 ----D---- C:\ProgramData\ProductData
2016-10-05 17:47:12 ----D---- C:\ProgramData\IObit
2016-10-05 17:47:12 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-10-05 17:47:09 ----D---- C:\Program Files (x86)\IObit
2016-10-05 17:46:55 ----D---- C:\Users\Matee-es\AppData\Roaming\IObit
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspcap64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-10-05 17:17:59 ----A---- C:\Windows\NvContainerRecovery.bat
2016-10-05 17:17:51 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-10-05 17:15:33 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-10-05 17:14:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-09-30 12:43:22 ----D---- C:\ProgramData\BOINC
2016-09-30 12:43:21 ----D---- C:\Windows\Downloaded Installations
2016-09-30 06:49:56 ----D---- C:\Windows\pss
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\PhotoFiltre Studio X
2016-09-28 10:19:24 ----D---- C:\Users\Matee-es\AppData\Roaming\Hewlett-Packard
2016-09-28 10:06:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-09-28 10:06:10 ----A---- C:\Windows\system32\InkEd.dll
2016-09-28 10:02:43 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-28 10:01:52 ----N---- C:\Windows\hpomdl01.dat
2016-09-28 10:01:52 ----A---- C:\Windows\hpoins01.dat
2016-09-23 17:26:26 ----D---- C:\Program Files (x86)\SpeedFan
2016-09-22 18:28:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-09-22 18:28:26 ----D---- C:\Program Files (x86)\VulkanRT
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkan-1.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglv64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvinitx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFR64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvFBC64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispgenco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcompiler.dll
2016-09-20 13:43:49 ----D---- C:\ProgramData\Malwarebytes
2016-09-19 13:43:23 ----D---- C:\Users\Matee-es\AppData\Roaming\Ashampoo
2016-09-09 20:25:58 ----A---- C:\Windows\SYSWOW64\vulkan-1-1-0-26-0.dll
2016-09-09 20:25:28 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-1-0-26-0.exe
2016-09-09 20:25:10 ----A---- C:\Windows\system32\vulkan-1-1-0-26-0.dll
2016-09-09 20:24:38 ----A---- C:\Windows\system32\vulkaninfo-1-1-0-26-0.exe

======List of files/folders modified in the last 1 month======

2016-10-05 18:22:51 ----RD---- C:\Program Files
2016-10-05 18:22:51 ----D---- C:\Windows\Temp
2016-10-05 18:22:39 ----D---- C:\Users\Matee-es\AppData\Roaming\uTorrent
2016-10-05 18:22:18 ----D---- C:\Windows
2016-10-05 18:21:21 ----D---- C:\ProgramData\NVIDIA
2016-10-05 18:21:08 ----D---- C:\Windows\System32
2016-10-05 17:58:12 ----D---- C:\Windows\inf
2016-10-05 17:57:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-05 17:56:48 ----D---- C:\Windows\system32\DriverStore
2016-10-05 17:55:16 ----D---- C:\Windows\system32\catroot
2016-10-05 17:54:07 ----D---- C:\Windows\system32\drivers
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-10-05 17:49:16 ----SHD---- C:\System Volume Information
2016-10-05 17:47:36 ----D---- C:\Windows\system32\Tasks
2016-10-05 17:47:33 ----HD---- C:\ProgramData
2016-10-05 17:47:12 ----D---- C:\Windows\SYSWOW64\drivers
2016-10-05 17:47:09 ----D---- C:\Program Files (x86)
2016-10-05 17:45:03 ----D---- C:\Program Files (x86)\Native Instruments
2016-10-05 17:44:43 ----SHD---- C:\Windows\Installer
2016-10-05 17:43:51 ----D---- C:\Windows\SysWOW64
2016-10-05 17:43:27 ----D---- C:\ProgramData\Package Cache
2016-10-05 17:39:06 ----D---- C:\Windows\system32\config
2016-10-05 17:18:19 ----D---- C:\ProgramData\NVIDIA Corporation
2016-10-05 17:18:08 ----D---- C:\Program Files\NVIDIA Corporation
2016-10-05 17:18:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-10-05 17:11:31 ----D---- C:\Windows\winsxs
2016-10-04 22:26:57 ----D---- C:\Users\Matee-es\AppData\Roaming\Skype
2016-10-04 17:01:21 ----D---- C:\Users\Matee-es\AppData\Roaming\Tunngle
2016-10-04 13:06:38 ----D---- C:\ProgramData\Tunngle
2016-10-03 14:30:53 ----D---- C:\Users\Matee-es\AppData\Roaming\DVDVideoSoft
2016-10-01 07:20:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-30 13:12:42 ----D---- C:\Program Files (x86)\Ubisoft
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\Identities
2016-09-28 21:23:16 ----D---- C:\Windows\system32\catroot2
2016-09-28 10:03:05 ----D---- C:\Program Files (x86)\Common Files
2016-09-28 10:02:47 ----A---- C:\Windows\win.ini
2016-09-28 10:01:47 ----D---- C:\temp
2016-09-27 22:55:55 ----D---- C:\Users\Matee-es\AppData\Roaming\Origin
2016-09-27 13:30:54 ----D---- C:\ProgramData\Origin
2016-09-27 12:40:07 ----D---- C:\ProgramData\Orbit
2016-09-25 23:01:52 ----D---- C:\Users\Matee-es\AppData\Roaming\vlc
2016-09-24 10:29:24 ----RSD---- C:\Windows\Fonts
2016-09-23 21:27:17 ----D---- C:\ProgramData\Skype
2016-09-20 14:11:50 ----D---- C:\Windows\SoftwareDistribution
2016-09-20 06:50:20 ----D---- C:\Program Files (x86)\Origin
2016-09-18 22:29:18 ----D---- C:\Windows\Logs
2016-09-18 21:08:08 ----D---- C:\Program Files (x86)\Steam
2016-09-18 21:00:52 ----D---- C:\Windows\SYSWOW64\directx
2016-09-18 14:02:47 ----D---- C:\Windows\Prefetch
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvapi64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvsvc64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvcpl.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvvsvc.exe
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvsvcr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvshext.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvmctray.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-04-20 161760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-20 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-20 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-20 465792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-10-05 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-20 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-20 166432]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-20 323392]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2016-10-05 442104]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-06-30 214592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-09-30 47672]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-10-05 1030400]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2016-04-27 39464]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Asushwio;Asushwio; \??\E:\Bin\64bit\Asushwio.sys []
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2016-01-13 339104]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-05 103448]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys []
S3 HDJMidi;Hercules DJControl Glow MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2016-01-13 283296]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-10-05 192216]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-09-30 29240]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-05 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-20 243296]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-19 388968]
R2 HerculesDJControlMP3;Hercules® DJ Control MP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2015-10-14 105472]
R2 L4301_Solar;Logitech Solar Keyboard Service; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2013-01-30 405744]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-09-30 1165368]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-09-17 1364024]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-30 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-08-30 107832]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-09-17 426040]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-20 5570272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-20 2206224]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-20 2141192]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2016-06-23 872432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zamrznutí PC při Hraní čehokoliv

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Předem upozorňuji, že jsme bezpečnostní fórum a tudíž neřešíme problematiku her. Od toho jsou jiná fóra.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#3 Příspěvek od matesss »

Ano jsem si toho vědom a sem Vám velice zavazan ... mam totiž podezdření na vir a na ty jste experti pouze vy ... :idea:

zde je log .... který vyskočil po restartu

# AdwCleaner v6.020 - Logfile created 05/10/2016 at 20:01:14
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-10-03.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Matee-es - MATEE-ES-PC
# Running from : C:\Users\Matee-es\Downloads\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc
[-] Folder deleted: C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
[-] Key deleted: HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKU\S-1-5-21-706122237-3197980538-511727788-1000\Software\distromatic
[-] Key deleted: HKU\S-1-5-21-706122237-3197980538-511727788-1000\Software\SecuredDownload
[#] Key deleted on reboot: HKCU\Software\distromatic
[#] Key deleted on reboot: HKCU\Software\SecuredDownload
[#] Key deleted on reboot: [x64] HKCU\Software\distromatic
[#] Key deleted on reboot: [x64] HKCU\Software\SecuredDownload
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\f


***** [ Web browsers ] *****

[-] [C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: nonjdcjchghhkdoolnlbekcfllmednbl
[-] [C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: okanipcmceoeemlbjnmnbdibhgpbllgc


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2042 Bytes] - [06/04/2016 13:18:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [2809 Bytes] - [05/10/2016 20:01:14]
C:\AdwCleaner\AdwCleaner[S1].txt - [1818 Bytes] - [06/04/2016 13:13:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [3030 Bytes] - [05/10/2016 18:52:08]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3028 Bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zamrznutí PC při Hraní čehokoliv

#4 Příspěvek od Rudy »

Dejte nový log RSIT
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#5 Příspěvek od matesss »

Zasílam v přiloze ... nejde mi to nakopirovat :-(
Přílohy
AdwCleaner[S3].rar
(1.01 KiB) Staženo 43 x
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#6 Příspěvek od matesss »

To co tam ukazuje v Adwcleaneru ...
Jsem se dival v Chrome a jsou to deaktivovane rozšíření hover zoom, a click to translate ....
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zamrznutí PC při Hraní čehokoliv

#7 Příspěvek od Rudy »

Kopírovat/vložit nefunguje? Chtěl jsem log RSIT. Ne ADW.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#8 Příspěvek od matesss »

Aha omlouvám se .... a zkopirovat mi to nešlo očividně jen z teho adw .. ale to bude asi v rukach ...

ze je rsit

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matee-es at 2016-10-05 21:15:57
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 58 GB (39%) free of 150 GB
Total RAM: 8092 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:58, on 5.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matee-es\DOWNLO~1\ADWCLE~1.EXE
C:\Program Files\trend micro\Matee-es.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Matee-es\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hercules® DJ Control MP3 (HerculesDJControlMP3) - Guillemot Corporation ® - C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Solar Keyboard Service (L4301_Solar) - Logitech, Inc. - C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe

--
End of file - 12268 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Logitech\SolarApp\L4301_Solar.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
taskeng.exe {06E80722-6732-4087-90B4-FA5EFA1793F0}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
C:\Windows\DAODx.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "666452173-11917213017546662061124550642113216796819086574691084104804415217409
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0xb4
"C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1624.0.1950674465\499376769" --mojo-application-channel-token=B8CBA1028FD1E88B7F9E636ACF1A5850 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Control/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,56,70 --gpu-vendor-id=0x10de --gpu-device-id=0x13c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.7290 --gpu-driver-date=9-16-2016 --mojo-platform-channel-handle=1264 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7757C995BA95545C5349F1DDD351603F --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=CF59590056CA6D73CA5A3CD3742FA409 --mojo-application-channel-token=7757C995BA95545C5349F1DDD351603F --channel="1624.2.495061036\2075630847" --mojo-platform-channel-handle=2548 /prefetch:1
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -l 3 -c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=E07BF7AFE0777A687B58A9740CE2B9AE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=DE8F09626028252F52DFE9DA9BD66671 --mojo-application-channel-token=E07BF7AFE0777A687B58A9740CE2B9AE --channel="1624.3.450764641\1271021186" --mojo-platform-channel-handle=3512 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=766E393EA0CF98A9F4C03C37826094FC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=488EFF44648D6D42E92D5A4F2A2A5726 --mojo-application-channel-token=766E393EA0CF98A9F4C03C37826094FC --channel="1624.4.1860262526\1451855370" --mojo-platform-channel-handle=4468 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=B6DF744807FC7DE87A14C61BF9370978 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F888779EB8E9361C7B8A1C717A3C8DBD --mojo-application-channel-token=B6DF744807FC7DE87A14C61BF9370978 --channel="1624.6.1065861333\964848685" --mojo-platform-channel-handle=5088 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=ECFFC7D9D402E0E4B6376EB0F1A88971 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F0BEF59A910C5BC06F9CCF7E0BFD283B --mojo-application-channel-token=ECFFC7D9D402E0E4B6376EB0F1A88971 --channel="1624.7.1408568515\417110563" --mojo-platform-channel-handle=5520 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=F55134500F9E594F58891E4061456BD6 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=1BDEEF121C8B32CDC264420471548DCB --mojo-application-channel-token=F55134500F9E594F58891E4061456BD6 --channel="1624.10.2115851548\2128402406" --mojo-platform-channel-handle=6736 /prefetch:1
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 5128
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Matee-es\Desktop\AdwCleaner[S3].txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7A04BAA5DA65A90E896F762447A4B20A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=19855766C64616A4C70D711B6BBCCF0A --mojo-application-channel-token=7A04BAA5DA65A90E896F762447A4B20A --channel="1624.15.1519716035\1385749279" --mojo-platform-channel-handle=4972 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=661051D355A84B4500F749F05AC39805 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=54204F19A091B0D02A053E7C9A7AC49E --mojo-application-channel-token=661051D355A84B4500F749F05AC39805 --channel="1624.18.1977261510\1573925021" --mojo-platform-channel-handle=6724 /prefetch:1

C:\Users\Matee-es\DOWNLO~1\ADWCLE~1.EXE
"C:\Users\Matee-es\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20 902624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2015-09-24 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20 679680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-09-25 966760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"uTorrent"=C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bloody2]
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2016-07-22 19228160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2015-12-07 1817248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Games DATA\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
C:\Program Files\BuzzDock\BuzzDock.dll [2015-05-11 2712064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
C:\PROGRA~2\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-09 28672]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-27 7408312]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-05 18:22:51 ----D---- C:\rsit
2016-10-05 18:22:51 ----D---- C:\Program Files\trend micro
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-10-05 17:53:07 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-10-05 17:52:20 ----A---- C:\Windows\system32\drivers\asmtxhci.sys
2016-10-05 17:47:33 ----D---- C:\Windows\IObit
2016-10-05 17:47:33 ----D---- C:\ProgramData\ProductData
2016-10-05 17:47:12 ----D---- C:\ProgramData\IObit
2016-10-05 17:47:12 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-10-05 17:46:55 ----D---- C:\Users\Matee-es\AppData\Roaming\IObit
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspcap64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-10-05 17:17:59 ----A---- C:\Windows\NvContainerRecovery.bat
2016-10-05 17:17:51 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-10-05 17:15:33 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-10-05 17:14:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-09-30 12:43:22 ----D---- C:\ProgramData\BOINC
2016-09-30 12:43:21 ----D---- C:\Windows\Downloaded Installations
2016-09-30 06:49:56 ----D---- C:\Windows\pss
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\PhotoFiltre Studio X
2016-09-28 10:19:24 ----D---- C:\Users\Matee-es\AppData\Roaming\Hewlett-Packard
2016-09-28 10:06:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-09-28 10:06:10 ----A---- C:\Windows\system32\InkEd.dll
2016-09-28 10:02:43 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-28 10:01:52 ----N---- C:\Windows\hpomdl01.dat
2016-09-28 10:01:52 ----A---- C:\Windows\hpoins01.dat
2016-09-23 17:26:26 ----D---- C:\Program Files (x86)\SpeedFan
2016-09-22 18:28:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-09-22 18:28:26 ----D---- C:\Program Files (x86)\VulkanRT
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkan-1.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglv64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvinitx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFR64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvFBC64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispgenco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcompiler.dll
2016-09-20 13:43:49 ----D---- C:\ProgramData\Malwarebytes
2016-09-19 13:43:23 ----D---- C:\Users\Matee-es\AppData\Roaming\Ashampoo
2016-09-09 20:25:58 ----A---- C:\Windows\SYSWOW64\vulkan-1-1-0-26-0.dll
2016-09-09 20:25:28 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-1-0-26-0.exe
2016-09-09 20:25:10 ----A---- C:\Windows\system32\vulkan-1-1-0-26-0.dll
2016-09-09 20:24:38 ----A---- C:\Windows\system32\vulkaninfo-1-1-0-26-0.exe

======List of files/folders modified in the last 1 month======

2016-10-05 21:15:58 ----D---- C:\Windows\Temp
2016-10-05 21:15:47 ----D---- C:\Users\Matee-es\AppData\Roaming\uTorrent
2016-10-05 21:15:24 ----D---- C:\AdwCleaner
2016-10-05 20:34:15 ----D---- C:\Program Files (x86)
2016-10-05 20:34:11 ----D---- C:\Windows\system32\Tasks
2016-10-05 20:16:28 ----D---- C:\Windows\system32\config
2016-10-05 20:07:17 ----D---- C:\Windows\System32
2016-10-05 20:07:17 ----D---- C:\Windows\inf
2016-10-05 20:07:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-05 20:02:30 ----D---- C:\ProgramData\NVIDIA
2016-10-05 20:01:45 ----D---- C:\Windows\system32\catroot
2016-10-05 18:35:24 ----D---- C:\Windows\winsxs
2016-10-05 18:22:51 ----RD---- C:\Program Files
2016-10-05 18:22:18 ----D---- C:\Windows
2016-10-05 17:56:48 ----D---- C:\Windows\system32\DriverStore
2016-10-05 17:54:07 ----D---- C:\Windows\system32\drivers
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-10-05 17:49:16 ----SHD---- C:\System Volume Information
2016-10-05 17:47:33 ----HD---- C:\ProgramData
2016-10-05 17:47:12 ----D---- C:\Windows\SYSWOW64\drivers
2016-10-05 17:45:03 ----D---- C:\Program Files (x86)\Native Instruments
2016-10-05 17:44:43 ----SHD---- C:\Windows\Installer
2016-10-05 17:43:51 ----D---- C:\Windows\SysWOW64
2016-10-05 17:43:27 ----D---- C:\ProgramData\Package Cache
2016-10-05 17:18:19 ----D---- C:\ProgramData\NVIDIA Corporation
2016-10-05 17:18:08 ----D---- C:\Program Files\NVIDIA Corporation
2016-10-05 17:18:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-10-04 22:26:57 ----D---- C:\Users\Matee-es\AppData\Roaming\Skype
2016-10-04 17:01:21 ----D---- C:\Users\Matee-es\AppData\Roaming\Tunngle
2016-10-04 13:06:38 ----D---- C:\ProgramData\Tunngle
2016-10-03 14:30:53 ----D---- C:\Users\Matee-es\AppData\Roaming\DVDVideoSoft
2016-10-01 07:20:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-30 13:12:42 ----D---- C:\Program Files (x86)\Ubisoft
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\Identities
2016-09-28 21:23:16 ----D---- C:\Windows\system32\catroot2
2016-09-28 10:03:05 ----D---- C:\Program Files (x86)\Common Files
2016-09-28 10:02:47 ----A---- C:\Windows\win.ini
2016-09-28 10:01:47 ----D---- C:\temp
2016-09-27 22:55:55 ----D---- C:\Users\Matee-es\AppData\Roaming\Origin
2016-09-27 13:30:54 ----D---- C:\ProgramData\Origin
2016-09-27 12:40:07 ----D---- C:\ProgramData\Orbit
2016-09-25 23:01:52 ----D---- C:\Users\Matee-es\AppData\Roaming\vlc
2016-09-24 10:29:24 ----RSD---- C:\Windows\Fonts
2016-09-23 21:27:17 ----D---- C:\ProgramData\Skype
2016-09-20 14:11:50 ----D---- C:\Windows\SoftwareDistribution
2016-09-20 06:50:20 ----D---- C:\Program Files (x86)\Origin
2016-09-18 22:29:18 ----D---- C:\Windows\Logs
2016-09-18 21:08:08 ----D---- C:\Program Files (x86)\Steam
2016-09-18 21:00:52 ----D---- C:\Windows\SYSWOW64\directx
2016-09-18 14:02:47 ----D---- C:\Windows\Prefetch
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvapi64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvsvc64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvcpl.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvvsvc.exe
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvsvcr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvshext.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvmctray.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-04-20 161760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-20 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-20 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-20 465792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-10-05 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-20 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-20 166432]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-20 323392]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2016-10-05 442104]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-06-30 214592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-09-30 47672]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-10-05 1030400]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2016-04-27 39464]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Asushwio;Asushwio; \??\E:\Bin\64bit\Asushwio.sys []
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2016-01-13 339104]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-05 103448]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys []
S3 HDJMidi;Hercules DJControl Glow MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2016-01-13 283296]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-09-30 29240]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-05 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-20 243296]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-19 388968]
R2 HerculesDJControlMP3;Hercules® DJ Control MP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2015-10-14 105472]
R2 L4301_Solar;Logitech Solar Keyboard Service; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2013-01-30 405744]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-09-30 1165368]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-09-17 1364024]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-30 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-08-30 107832]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-09-17 426040]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-20 5570272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-20 2206224]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-20 2141192]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2016-06-23 872432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#9 Příspěvek od matesss »

Omlouvám se ale zítra jsem mimo domov .... další reakci zašlu v pátek ....
Předem děkuji a pevně věřím že se nám to povede vyřešit , ostatně jako již v minulost ....

S přáním klidného zbytku večera

Martin Veselý
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zamrznutí PC při Hraní čehokoliv

#10 Příspěvek od Rudy »

OK. I koncem týdne bych tu měl být. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#11 Příspěvek od matesss »

Zde je log z rsit .....

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matee-es at 2016-10-07 11:40:08
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 58 GB (39%) free of 150 GB
Total RAM: 8092 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:08, on 7.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matee-es.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Matee-es\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hercules® DJ Control MP3 (HerculesDJControlMP3) - Guillemot Corporation ® - C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Solar Keyboard Service (L4301_Solar) - Logitech, Inc. - C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe

--
End of file - 12129 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\Logitech\SolarApp\L4301_Solar.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {1D510A05-DABA-4AD9-B83E-D58EDBB4B27F}
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {1913E504-73F2-406B-9750-53B367B16624}
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe"
C:\Windows\DAODx.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "1190522457-825423955-175040469-1355292552-1929519480103219515112652385261439906343
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -l 3 -c
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
WLIDSvcM.exe 3644
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\10072016_112734.log
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0xb4
"C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1796.0.1962349547\1739992623" --mojo-application-channel-token=4F6192014158B58EA559C34B73200334 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Control/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,56,70 --gpu-vendor-id=0x10de --gpu-device-id=0x13c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.7290 --gpu-driver-date=9-16-2016 --mojo-platform-channel-handle=1184 --ignored=" --type=renderer " /prefetch:2

"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe" --xmlFilePath="C:\Users\Matee-es\AppData\Local\Temp\adobegc_a01036" --workflowInitiator=CSUpdater --xmlFilePath2="C:\Users\Public\Documents\AdobeGC\adobegc_a01036"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=887B2466A5AF2D2E2024E77AF21A14C9 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=313F5D1B2A4617DC73979FB924224BF1 --mojo-application-channel-token=887B2466A5AF2D2E2024E77AF21A14C9 --channel="1796.2.746937997\1809153283" --mojo-platform-channel-handle=2304 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-706122237-3197980538-511727788-10003_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-706122237-3197980538-511727788-10003 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=5F99BE5C873991991723BF298638724D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BB056049918D5A812841E132BEF64769 --mojo-application-channel-token=5F99BE5C873991991723BF298638724D --channel="1796.4.625700161\163098746" --mojo-platform-channel-handle=4092 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=D0C80BD6ABB21115F17F14DF2E44DD5B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E0C292AB673E522A7C8B47E965CC7685 --mojo-application-channel-token=D0C80BD6ABB21115F17F14DF2E44DD5B --channel="1796.5.288147473\1282002233" --mojo-platform-channel-handle=3604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=EDACBEAB3BF162E72F2445362B16E7F1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=90D4311B08BC6A9CBE7CF9BD433784E6 --mojo-application-channel-token=EDACBEAB3BF162E72F2445362B16E7F1 --channel="1796.6.700123118\107263603" --mojo-platform-channel-handle=3580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=0B2054C38A1DA3D6A49A54B4F9E6EE8F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2310F4FA71704CE559E041548E627E82 --mojo-application-channel-token=0B2054C38A1DA3D6A49A54B4F9E6EE8F --channel="1796.7.514640621\1926488725" --mojo-platform-channel-handle=5268 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=3ED4AB77C7866F9C44BF91AC388DD239 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=0C844AA7AD1273658C7792A49EBFFE15 --mojo-application-channel-token=3ED4AB77C7866F9C44BF91AC388DD239 --channel="1796.8.1514986084\1905342603" --mojo-platform-channel-handle=5780 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=49CEEB05E343A6847FF775916C67A1DA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=0B2813BF85C36F422785D74B7D53C341 --mojo-application-channel-token=49CEEB05E343A6847FF775916C67A1DA --channel="1796.9.775821227\1010964191" --mojo-platform-channel-handle=6092 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=E5FC011266CA8CFB19004915E039E948 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=36E5C3E3D25EF4A8E5941EFA21173206 --mojo-application-channel-token=E5FC011266CA8CFB19004915E039E948 --channel="1796.10.1820351732\299996442" --mojo-platform-channel-handle=2148 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Matee-es\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20 902624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2015-09-24 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20 679680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-09-25 966760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"uTorrent"=C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bloody2]
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2016-07-22 19228160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2015-12-07 1817248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Games DATA\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
C:\Program Files\BuzzDock\BuzzDock.dll [2015-05-11 2712064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
C:\PROGRA~2\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-09 28672]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-27 7408312]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-07 11:27:34 ----D---- C:\_OTM
2016-10-05 18:22:51 ----D---- C:\rsit
2016-10-05 18:22:51 ----D---- C:\Program Files\trend micro
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-10-05 17:53:07 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-10-05 17:52:20 ----A---- C:\Windows\system32\drivers\asmtxhci.sys
2016-10-05 17:47:33 ----D---- C:\Windows\IObit
2016-10-05 17:47:33 ----D---- C:\ProgramData\ProductData
2016-10-05 17:47:12 ----D---- C:\ProgramData\IObit
2016-10-05 17:47:12 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-10-05 17:46:55 ----D---- C:\Users\Matee-es\AppData\Roaming\IObit
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspcap64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-10-05 17:17:59 ----A---- C:\Windows\NvContainerRecovery.bat
2016-10-05 17:17:51 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-10-05 17:15:33 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-10-05 17:14:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-09-30 12:43:22 ----D---- C:\ProgramData\BOINC
2016-09-30 12:43:21 ----D---- C:\Windows\Downloaded Installations
2016-09-30 06:49:56 ----D---- C:\Windows\pss
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\PhotoFiltre Studio X
2016-09-28 10:19:24 ----D---- C:\Users\Matee-es\AppData\Roaming\Hewlett-Packard
2016-09-28 10:06:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-09-28 10:06:10 ----A---- C:\Windows\system32\InkEd.dll
2016-09-28 10:02:43 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-28 10:01:52 ----N---- C:\Windows\hpomdl01.dat
2016-09-28 10:01:52 ----A---- C:\Windows\hpoins01.dat
2016-09-23 17:26:26 ----D---- C:\Program Files (x86)\SpeedFan
2016-09-22 18:28:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-09-22 18:28:26 ----D---- C:\Program Files (x86)\VulkanRT
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkan-1.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglv64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvinitx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFR64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvFBC64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispgenco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcompiler.dll
2016-09-20 13:43:49 ----D---- C:\ProgramData\Malwarebytes
2016-09-19 13:43:23 ----D---- C:\Users\Matee-es\AppData\Roaming\Ashampoo
2016-09-09 20:25:58 ----A---- C:\Windows\SYSWOW64\vulkan-1-1-0-26-0.dll
2016-09-09 20:25:28 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-1-0-26-0.exe
2016-09-09 20:25:10 ----A---- C:\Windows\system32\vulkan-1-1-0-26-0.dll
2016-09-09 20:24:38 ----A---- C:\Windows\system32\vulkaninfo-1-1-0-26-0.exe

======List of files/folders modified in the last 1 month======

2016-10-07 11:40:08 ----D---- C:\Windows\Temp
2016-10-07 11:39:56 ----D---- C:\Users\Matee-es\AppData\Roaming\uTorrent
2016-10-07 11:33:31 ----D---- C:\Windows\System32
2016-10-07 11:33:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-07 11:33:30 ----D---- C:\Windows\inf
2016-10-07 11:32:12 ----D---- C:\Windows\system32\config
2016-10-07 11:28:56 ----D---- C:\ProgramData\NVIDIA
2016-10-07 11:27:34 ----D---- C:\Windows\Tasks
2016-10-07 11:17:51 ----D---- C:\Windows\system32\drivers
2016-10-05 21:16:36 ----D---- C:\AdwCleaner
2016-10-05 20:34:15 ----D---- C:\Program Files (x86)
2016-10-05 20:34:11 ----D---- C:\Windows\system32\Tasks
2016-10-05 20:01:45 ----D---- C:\Windows\system32\catroot
2016-10-05 18:35:24 ----D---- C:\Windows\winsxs
2016-10-05 18:22:51 ----RD---- C:\Program Files
2016-10-05 18:22:18 ----D---- C:\Windows
2016-10-05 17:56:48 ----D---- C:\Windows\system32\DriverStore
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-10-05 17:49:16 ----SHD---- C:\System Volume Information
2016-10-05 17:47:33 ----HD---- C:\ProgramData
2016-10-05 17:47:12 ----D---- C:\Windows\SYSWOW64\drivers
2016-10-05 17:45:03 ----D---- C:\Program Files (x86)\Native Instruments
2016-10-05 17:44:43 ----SHD---- C:\Windows\Installer
2016-10-05 17:43:51 ----D---- C:\Windows\SysWOW64
2016-10-05 17:43:27 ----D---- C:\ProgramData\Package Cache
2016-10-05 17:18:19 ----D---- C:\ProgramData\NVIDIA Corporation
2016-10-05 17:18:08 ----D---- C:\Program Files\NVIDIA Corporation
2016-10-05 17:18:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-10-04 22:26:57 ----D---- C:\Users\Matee-es\AppData\Roaming\Skype
2016-10-04 17:01:21 ----D---- C:\Users\Matee-es\AppData\Roaming\Tunngle
2016-10-04 13:06:38 ----D---- C:\ProgramData\Tunngle
2016-10-03 14:30:53 ----D---- C:\Users\Matee-es\AppData\Roaming\DVDVideoSoft
2016-10-01 07:20:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-30 13:12:42 ----D---- C:\Program Files (x86)\Ubisoft
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\Identities
2016-09-28 21:23:16 ----D---- C:\Windows\system32\catroot2
2016-09-28 10:03:05 ----D---- C:\Program Files (x86)\Common Files
2016-09-28 10:02:47 ----A---- C:\Windows\win.ini
2016-09-28 10:01:47 ----D---- C:\temp
2016-09-27 22:55:55 ----D---- C:\Users\Matee-es\AppData\Roaming\Origin
2016-09-27 13:30:54 ----D---- C:\ProgramData\Origin
2016-09-27 12:40:07 ----D---- C:\ProgramData\Orbit
2016-09-25 23:01:52 ----D---- C:\Users\Matee-es\AppData\Roaming\vlc
2016-09-24 10:29:24 ----RSD---- C:\Windows\Fonts
2016-09-23 21:27:17 ----D---- C:\ProgramData\Skype
2016-09-20 14:11:50 ----D---- C:\Windows\SoftwareDistribution
2016-09-20 06:50:20 ----D---- C:\Program Files (x86)\Origin
2016-09-18 22:29:18 ----D---- C:\Windows\Logs
2016-09-18 21:08:08 ----D---- C:\Program Files (x86)\Steam
2016-09-18 21:00:52 ----D---- C:\Windows\SYSWOW64\directx
2016-09-18 14:02:47 ----D---- C:\Windows\Prefetch
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvapi64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvsvc64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvcpl.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvvsvc.exe
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvsvcr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvshext.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvmctray.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-04-20 161760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-20 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-20 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-20 465792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-10-05 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-20 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-20 166432]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-20 323392]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2016-10-05 442104]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-06-30 214592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-09-30 47672]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-10-05 1030400]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2016-04-27 39464]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Asushwio;Asushwio; \??\E:\Bin\64bit\Asushwio.sys []
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2016-01-13 339104]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-05 103448]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys []
S3 HDJMidi;Hercules DJControl Glow MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2016-01-13 283296]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-09-30 29240]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-05 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-20 243296]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-19 388968]
R2 HerculesDJControlMP3;Hercules® DJ Control MP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2015-10-14 105472]
R2 L4301_Solar;Logitech Solar Keyboard Service; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2013-01-30 405744]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-09-30 1165368]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-09-17 1364024]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-30 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-08-30 107832]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-09-17 426040]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-20 5570272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-20 2206224]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-20 2141192]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2016-06-23 872432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#12 Příspěvek od matesss »

Omlouvám se ale nejsem si jistý jestli jsem ten log udělal po restartu ...

Zde je nový ....


Logfile of random's system information tool 1.10 (written by random/random)
Run by Matee-es at 2016-10-07 12:10:18
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 58 GB (39%) free of 150 GB
Total RAM: 8092 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:19, on 7.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matee-es.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Matee-es\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hercules® DJ Control MP3 (HerculesDJControlMP3) - Guillemot Corporation ® - C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Solar Keyboard Service (L4301_Solar) - Logitech, Inc. - C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe

--
End of file - 11932 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\Logitech\SolarApp\L4301_Solar.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {1D510A05-DABA-4AD9-B83E-D58EDBB4B27F}
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {1913E504-73F2-406B-9750-53B367B16624}
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe"
C:\Windows\DAODx.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "1190522457-825423955-175040469-1355292552-1929519480103219515112652385261439906343
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -l 3 -c
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
WLIDSvcM.exe 3644
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Matee-es\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0xb4
"C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1796.0.1962349547\1739992623" --mojo-application-channel-token=4F6192014158B58EA559C34B73200334 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Control/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,56,70 --gpu-vendor-id=0x10de --gpu-device-id=0x13c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.7290 --gpu-driver-date=9-16-2016 --mojo-platform-channel-handle=1184 --ignored=" --type=renderer " /prefetch:2
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=887B2466A5AF2D2E2024E77AF21A14C9 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=313F5D1B2A4617DC73979FB924224BF1 --mojo-application-channel-token=887B2466A5AF2D2E2024E77AF21A14C9 --channel="1796.2.746937997\1809153283" --mojo-platform-channel-handle=2304 /prefetch:1
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=5F99BE5C873991991723BF298638724D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BB056049918D5A812841E132BEF64769 --mojo-application-channel-token=5F99BE5C873991991723BF298638724D --channel="1796.4.625700161\163098746" --mojo-platform-channel-handle=4092 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=D0C80BD6ABB21115F17F14DF2E44DD5B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E0C292AB673E522A7C8B47E965CC7685 --mojo-application-channel-token=D0C80BD6ABB21115F17F14DF2E44DD5B --channel="1796.5.288147473\1282002233" --mojo-platform-channel-handle=3604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=EDACBEAB3BF162E72F2445362B16E7F1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=90D4311B08BC6A9CBE7CF9BD433784E6 --mojo-application-channel-token=EDACBEAB3BF162E72F2445362B16E7F1 --channel="1796.6.700123118\107263603" --mojo-platform-channel-handle=3580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=0B2054C38A1DA3D6A49A54B4F9E6EE8F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2310F4FA71704CE559E041548E627E82 --mojo-application-channel-token=0B2054C38A1DA3D6A49A54B4F9E6EE8F --channel="1796.7.514640621\1926488725" --mojo-platform-channel-handle=5268 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/Control/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Disabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=3ED4AB77C7866F9C44BF91AC388DD239 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=0C844AA7AD1273658C7792A49EBFFE15 --mojo-application-channel-token=3ED4AB77C7866F9C44BF91AC388DD239 --channel="1796.8.1514986084\1905342603" --mojo-platform-channel-handle=5780 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Matee-es\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20 902624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2015-09-24 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20 679680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E24797801E268EF59764FAA50CDC344E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-09-25 966760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"uTorrent"=C:\Users\Matee-es\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bloody2]
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2016-07-22 19228160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2015-12-07 1817248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Games DATA\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
C:\Program Files\BuzzDock\BuzzDock.dll [2015-05-11 2712064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-09-30 1844280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
C:\PROGRA~2\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-09 28672]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-27 7408312]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2016-07-28 1867448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-07 11:27:34 ----D---- C:\_OTM
2016-10-05 18:22:51 ----D---- C:\rsit
2016-10-05 18:22:51 ----D---- C:\Program Files\trend micro
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-10-05 17:53:07 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-10-05 17:52:20 ----A---- C:\Windows\system32\drivers\asmtxhci.sys
2016-10-05 17:47:33 ----D---- C:\Windows\IObit
2016-10-05 17:47:33 ----D---- C:\ProgramData\ProductData
2016-10-05 17:47:12 ----D---- C:\ProgramData\IObit
2016-10-05 17:47:12 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-10-05 17:46:55 ----D---- C:\Users\Matee-es\AppData\Roaming\IObit
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-10-05 17:18:08 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspcap64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-10-05 17:18:08 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-10-05 17:17:59 ----A---- C:\Windows\NvContainerRecovery.bat
2016-10-05 17:17:51 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-10-05 17:17:51 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-10-05 17:15:33 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-10-05 17:14:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-10-05 17:14:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-09-30 12:43:22 ----D---- C:\ProgramData\BOINC
2016-09-30 12:43:21 ----D---- C:\Windows\Downloaded Installations
2016-09-30 06:49:56 ----D---- C:\Windows\pss
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\PhotoFiltre Studio X
2016-09-28 10:19:24 ----D---- C:\Users\Matee-es\AppData\Roaming\Hewlett-Packard
2016-09-28 10:06:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-09-28 10:06:10 ----A---- C:\Windows\system32\InkEd.dll
2016-09-28 10:02:43 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-28 10:01:52 ----N---- C:\Windows\hpomdl01.dat
2016-09-28 10:01:52 ----A---- C:\Windows\hpoins01.dat
2016-09-23 17:26:26 ----D---- C:\Program Files (x86)\SpeedFan
2016-09-22 18:28:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-09-22 18:28:26 ----D---- C:\Program Files (x86)\VulkanRT
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-09-22 18:28:26 ----A---- C:\Windows\system32\vulkan-1.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvopencl.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglv64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvinitx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvIFR64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\NvFBC64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispgenco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvdispco6437290.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-09-22 18:26:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuvid.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcuda.dll
2016-09-22 18:26:10 ----A---- C:\Windows\system32\nvcompiler.dll
2016-09-20 13:43:49 ----D---- C:\ProgramData\Malwarebytes
2016-09-19 13:43:23 ----D---- C:\Users\Matee-es\AppData\Roaming\Ashampoo
2016-09-09 20:25:58 ----A---- C:\Windows\SYSWOW64\vulkan-1-1-0-26-0.dll
2016-09-09 20:25:28 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-1-0-26-0.exe
2016-09-09 20:25:10 ----A---- C:\Windows\system32\vulkan-1-1-0-26-0.dll
2016-09-09 20:24:38 ----A---- C:\Windows\system32\vulkaninfo-1-1-0-26-0.exe

======List of files/folders modified in the last 1 month======

2016-10-07 12:10:18 ----D---- C:\Windows\Temp
2016-10-07 12:10:10 ----D---- C:\Users\Matee-es\AppData\Roaming\uTorrent
2016-10-07 11:44:35 ----HD---- C:\ProgramData
2016-10-07 11:42:50 ----D---- C:\Windows\system32\config
2016-10-07 11:33:31 ----D---- C:\Windows\System32
2016-10-07 11:33:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-07 11:33:30 ----D---- C:\Windows\inf
2016-10-07 11:28:56 ----D---- C:\ProgramData\NVIDIA
2016-10-07 11:27:34 ----D---- C:\Windows\Tasks
2016-10-07 11:17:51 ----D---- C:\Windows\system32\drivers
2016-10-05 21:16:36 ----D---- C:\AdwCleaner
2016-10-05 20:34:15 ----D---- C:\Program Files (x86)
2016-10-05 20:34:11 ----D---- C:\Windows\system32\Tasks
2016-10-05 20:01:45 ----D---- C:\Windows\system32\catroot
2016-10-05 18:35:24 ----D---- C:\Windows\winsxs
2016-10-05 18:22:51 ----RD---- C:\Program Files
2016-10-05 18:22:18 ----D---- C:\Windows
2016-10-05 17:56:48 ----D---- C:\Windows\system32\DriverStore
2016-10-05 17:53:07 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-10-05 17:49:16 ----SHD---- C:\System Volume Information
2016-10-05 17:47:12 ----D---- C:\Windows\SYSWOW64\drivers
2016-10-05 17:45:03 ----D---- C:\Program Files (x86)\Native Instruments
2016-10-05 17:44:43 ----SHD---- C:\Windows\Installer
2016-10-05 17:43:51 ----D---- C:\Windows\SysWOW64
2016-10-05 17:43:27 ----D---- C:\ProgramData\Package Cache
2016-10-05 17:18:19 ----D---- C:\ProgramData\NVIDIA Corporation
2016-10-05 17:18:08 ----D---- C:\Program Files\NVIDIA Corporation
2016-10-05 17:18:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-10-04 22:26:57 ----D---- C:\Users\Matee-es\AppData\Roaming\Skype
2016-10-04 17:01:21 ----D---- C:\Users\Matee-es\AppData\Roaming\Tunngle
2016-10-04 13:06:38 ----D---- C:\ProgramData\Tunngle
2016-10-03 14:30:53 ----D---- C:\Users\Matee-es\AppData\Roaming\DVDVideoSoft
2016-10-01 07:20:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-30 13:12:42 ----D---- C:\Program Files (x86)\Ubisoft
2016-09-29 14:54:19 ----D---- C:\Users\Matee-es\AppData\Roaming\Identities
2016-09-28 21:23:16 ----D---- C:\Windows\system32\catroot2
2016-09-28 10:03:05 ----D---- C:\Program Files (x86)\Common Files
2016-09-28 10:02:47 ----A---- C:\Windows\win.ini
2016-09-28 10:01:47 ----D---- C:\temp
2016-09-27 22:55:55 ----D---- C:\Users\Matee-es\AppData\Roaming\Origin
2016-09-27 13:30:54 ----D---- C:\ProgramData\Origin
2016-09-27 12:40:07 ----D---- C:\ProgramData\Orbit
2016-09-25 23:01:52 ----D---- C:\Users\Matee-es\AppData\Roaming\vlc
2016-09-24 10:29:24 ----RSD---- C:\Windows\Fonts
2016-09-23 21:27:17 ----D---- C:\ProgramData\Skype
2016-09-20 14:11:50 ----D---- C:\Windows\SoftwareDistribution
2016-09-20 06:50:20 ----D---- C:\Program Files (x86)\Origin
2016-09-18 22:29:18 ----D---- C:\Windows\Logs
2016-09-18 21:08:08 ----D---- C:\Program Files (x86)\Steam
2016-09-18 21:00:52 ----D---- C:\Windows\SYSWOW64\directx
2016-09-18 14:02:47 ----D---- C:\Windows\Prefetch
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-09-17 02:46:09 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-09-17 02:46:09 ----A---- C:\Windows\system32\nvapi64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvsvc64.dll
2016-09-17 00:57:43 ----A---- C:\Windows\system32\nvcpl.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvvsvc.exe
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvsvcr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvshext.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nvmctray.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-09-17 00:57:41 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-04-20 161760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-20 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-20 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-20 465792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-10-05 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-20 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-20 166432]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-20 323392]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2016-10-05 442104]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-06-30 214592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-09-30 47672]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-10-05 1030400]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2016-04-27 39464]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Asushwio;Asushwio; \??\E:\Bin\64bit\Asushwio.sys []
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2016-01-13 339104]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-05 103448]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys []
S3 HDJMidi;Hercules DJControl Glow MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2016-01-13 283296]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-09-30 29240]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-05 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-20 243296]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-19 388968]
R2 HerculesDJControlMP3;Hercules® DJ Control MP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2015-10-14 105472]
R2 L4301_Solar;Logitech Solar Keyboard Service; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2013-01-30 405744]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-09-30 1165368]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-09-17 1364024]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-30 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-08-30 107832]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-09-17 426040]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-20 5570272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-20 2206224]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 457272]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-20 2141192]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2016-06-23 872432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zamrznutí PC při Hraní čehokoliv

#13 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
matesss
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 03 zář 2008 10:25

Re: Zamrznutí PC při Hraní čehokoliv

#14 Příspěvek od matesss »

Udělal jsem zátěžový test a vypadá že vše slape jak má ....

Mohl bych ze zeptat co za typ chyby(viru) to bylo ... popřípadě
zjistil jste jakou příčinou jsem to dostal do pc ?

Koukal sem že to bylo něco napojeného na update ?

Každopádně opět jste mě nezklamali a i nadále Vás
budu doporučovat svým přátelům.

A velice rád opět přispěji vašemu TOP fóru ...
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zamrznutí PC při Hraní čehokoliv

#15 Příspěvek od Rudy »

Byly tam AdWary (smazal ADW) a to, co jsme dočišťovali přes RSIT jsou zbytečnosti JavaUpdateScheduler je pouhý plánovč updatů Javy. Update ale funguje automaticky, jakmile se objeví na webu Javy. Takže také zbytečnost, která se odstraňuje. Za příspěvek děkujeme. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“