Velmi zpomalený PC

[krysarr]

Krom toho, že se počítač snaží zničit vše, co se připojí do USB (flash disky, externí disky - tvrdí úplně o všem, že je nutno to zformátovat a jednu flashku už takto oddělal), tak dnes zamrzl a potom začal být příšerně zpomalený.

-----------------------------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by krysarr at 2016-10-05 21:31:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 7934 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:31:15, on 5.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Users\krysarr\Documents\SpeedFan\speedfan.exe
C:\Program Files (x86)\Esmska\jre\launch4j-tmp\esmska.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\krysarr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Startup: Esmska.lnk = C:\Program Files (x86)\Esmska\esmska.exe
O4 - Startup: JDownloader 2 Launcher.lnk = C:\Program Files\JDownloader 2\JDownloader 2.exe
O4 - Startup: SpeedFan.lnk = C:\Users\krysarr\Documents\SpeedFan\speedfan.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9667 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {2421BB71-5AEC-4967-A388-1AF88CCB7B71}
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Users\krysarr\Documents\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\Esmska\jre\launch4j-tmp\esmska.exe" -jar "C:\Program Files (x86)\Esmska\esmska.jar"
WLIDSvcM.exe 2988
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\krysarr\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x22c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5348.0.1000769295\245896004" --mojo-application-channel-token=F0D2207A842ACFD2AA56377845342AC7 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,11,13,14,15,16,18,31,56 --gpu-vendor-id=0x1002 --gpu-device-id=0x9715 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.710.0.0 --gpu-driver-date=2-10-2010 --mojo-platform-channel-handle=1548 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=805DE3CAB6D731214B10753FCF7ADF0F --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=01D8E2345ABC5848D3AE04834C384CB3 --mojo-application-channel-token=805DE3CAB6D731214B10753FCF7ADF0F --channel="5348.3.2083798405\719237964" --mojo-platform-channel-handle=3484 /prefetch:1
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=15572AA8FA3FABD690CE051FFABD6464 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E466AB914F06C7D771B5321B61B49C1E --mojo-application-channel-token=15572AA8FA3FABD690CE051FFABD6464 --channel="5348.9.1052359909\507201913" --mojo-platform-channel-handle=6092 /prefetch:1
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=BB6F0259874C73A0FEF5C127ED1E7DF8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B752A01A43533A084CB07602CEC559D4 --mojo-application-channel-token=BB6F0259874C73A0FEF5C127ED1E7DF8 --channel="5348.10.948901960\295279563" --mojo-platform-channel-handle=4008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7B80CB7B1DD8CA967036AA7D5C173415 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=9673C04629DA96D2AA0F288966FC4A4B --mojo-application-channel-token=7B80CB7B1DD8CA967036AA7D5C173415 --channel="5348.11.365717618\68248181" --mojo-platform-channel-handle=5240 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=BF2D6E0990D68A0C6EA197BDE284E44A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=08EA5922BE3D15C60543688823175270 --mojo-application-channel-token=BF2D6E0990D68A0C6EA197BDE284E44A --channel="5348.12.356639556\736558542" --mojo-platform-channel-handle=4868 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=D2C08E57E8036A4B75811AE9AF714E34 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C83824664404EED714C77BED3EE35445 --mojo-application-channel-token=D2C08E57E8036A4B75811AE9AF714E34 --channel="5348.13.513270874\1127797624" --mojo-platform-channel-handle=4624 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7BEF2A808A8AAF04C7DB1947E9B44A96 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=D5749A44CA178D17A37CADE568E8A7F5 --mojo-application-channel-token=7BEF2A808A8AAF04C7DB1947E9B44A96 --channel="5348.14.365919885\683682226" --mojo-platform-channel-handle=5076 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8DE2D0B7E4154F82B435A6AB47399D3F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3EDA8E94114914872D5626EF4C9A23A5 --mojo-application-channel-token=8DE2D0B7E4154F82B435A6AB47399D3F --channel="5348.15.1586134837\1727723828" --mojo-platform-channel-handle=4872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7ADBF68A0301C5E66FA9F47B1B0EA060 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=D948AEBDC80EBB92A6914A92D37086DB --mojo-application-channel-token=7ADBF68A0301C5E66FA9F47B1B0EA060 --channel="5348.16.1666655713\1077646947" --mojo-platform-channel-handle=7076 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=F4184AD6B230C71ADD060E6814FE4F67 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B2129178FD015960130F9CB5FD7F571E --mojo-application-channel-token=F4184AD6B230C71ADD060E6814FE4F67 --channel="5348.17.733621036\333622413" --mojo-platform-channel-handle=6696 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=6F0813BD029C7C0C8600801856E652C2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=57DE378F0734B7FD91ADDC85E1EF5D2E --mojo-application-channel-token=6F0813BD029C7C0C8600801856E652C2 --channel="5348.18.452661747\34906056" --mojo-platform-channel-handle=8228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=CA037A359B48F24D74AAF7A31626841E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2DA8A7D44C0585E8217E43418436CF52 --mojo-application-channel-token=CA037A359B48F24D74AAF7A31626841E --channel="5348.19.1698501387\411898058" --mojo-platform-channel-handle=8584 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=AF1018C1AC43D3D74AC75FE9F2B32B20 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=465A8A6EA78E7916C0DEAAA9F12DA860 --mojo-application-channel-token=AF1018C1AC43D3D74AC75FE9F2B32B20 --channel="5348.20.443113044\381498628" --mojo-platform-channel-handle=5488 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=54263BC221862C0BD89A9501DB496208 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BF3F359D0C873166B4D3623EE0064279 --mojo-application-channel-token=54263BC221862C0BD89A9501DB496208 --channel="5348.21.832144422\767647509" --mojo-platform-channel-handle=6332 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --mojo-channel-token=5451D6D8D974596FBAAB606F92671004 --ppapi-flash-args --lang=cs --device-scale-factor=1 --mojo-platform-channel-handle=10268 --ignored=" --type=renderer " /prefetch:3
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-databases --primordial-pipe-token=45137EA82A720C216AE77CBB5B8B5985 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=8E8A3EB472C7C0FFE4D34BBC051FB2B3 --mojo-application-channel-token=45137EA82A720C216AE77CBB5B8B5985 --channel="5348.26.745563836\712075749" --mojo-platform-channel-handle=4712 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-databases --primordial-pipe-token=879B8C505DE60AE5914A3D6493382809 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=4B7FA538AD4B5D4FC74AA04E18F3C5E9 --mojo-application-channel-token=879B8C505DE60AE5914A3D6493382809 --channel="5348.28.643288304\1038661016" --mojo-platform-channel-handle=10384 /prefetch:1
"C:\Windows\system32\taskmgr.exe" /4
"C:\Windows\System32\perfmon.exe" /res
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=B112B71C8636937006BEED6FA7AA8D2C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=0887A6E3AD5FAF50B6BA4FF2D0D31984 --mojo-application-channel-token=B112B71C8636937006BEED6FA7AA8D2C --channel="5348.31.1442429561\1941196750" --mojo-platform-channel-handle=4772 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=61EECCDF7ADDC113344FFCE7F0FE6B5D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=FD0D7D9C418FC0C52DEBF8A1C8B0B58B --mojo-application-channel-token=61EECCDF7ADDC113344FFCE7F0FE6B5D --channel="5348.34.1392830572\202526632" --mojo-platform-channel-handle=3976 /prefetch:1
"G:\Films\NEW\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://www.google.cz/#hl=cs&source=hp&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default\extensions\
LogMeInClient@logmein.com

C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default\searchplugins\
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-24 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-24 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]
"COMODO Internet Security"=C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [2016-09-27 1610936]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 518976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-12-15 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [2016-09-27 1610936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive]
C:\PROGRAM FILES\DVDFAB VIRTUAL DRIVE\VDRIVE.EXE [2011-07-06 309120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS TB Tray Agent]
C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [2016-03-20 253992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\krysarr\AppData\Roaming\ICQM\icq.exe [2013-02-18 26935144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2011-11-12 557056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-04-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu]
C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD14Agent]
C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [2015-01-02 795672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe /server []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-12-13 7806192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2010-06-02 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AirLive Skyphone-1000.lnk]
C:\PROGRA~2\AIRLIV~1\SKYPHO~1.EXE [2006-06-19 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Free Antivirus.lnk]
C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk]
C:\PROGRA~1\MozyHome\mozystat.exe [2013-12-11 6479688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2010-12-20 519744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WIP Miranda IM.lnk]
C:\PROGRA~2\WIPMIR~1.1\MIRAND~1.EXE [2007-10-18 551508]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^krysarr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2010-04-11 275736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\krysarr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Esmska.lnk - C:\Program Files (x86)\Esmska\esmska.exe
JDownloader 2 Launcher.lnk - C:\Program Files\JDownloader 2\JDownloader 2.exe
SpeedFan.lnk - C:\Users\krysarr\Documents\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll, C:\Windows\Jaksta\AC\x64\jaudcap.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

[krysarr]

======List of files/folders created in the last 1 month======

2016-09-24 21:33:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-09-24 21:33:48 ----A---- C:\Windows\system32\tzres.dll
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wudriver.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wucltux.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuapp.exe
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuapi.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wups2.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wups.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wow64win.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wow64.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\winsrv.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\srcore.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\schannel.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\ntdll.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\kernel32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\crypt32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-18 14:37:19 ----A---- C:\Windows\system32\advapi32.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\wintrust.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\srclient.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\smss.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\rstrui.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\msiexec.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\msi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\cryptsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\cryptnet.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\consent.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\conhost.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\certcli.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\asycfilt.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidapi.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\wdigest.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\sspicli.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\secur32.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msobjs.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msimsg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msihnd.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msaudite.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\lsass.exe
2016-09-18 14:37:17 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\kerberos.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\credssp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\authui.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\auditpol.exe
2016-09-18 14:37:17 ----A---- C:\Windows\system32\appinfo.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\adtschema.dll
2016-09-18 14:37:07 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-18 14:37:07 ----A---- C:\Windows\system32\win32k.sys
2016-09-18 14:37:07 ----A---- C:\Windows\system32\user32.dll
2016-09-18 14:35:21 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-18 14:35:21 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-18 14:35:20 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-18 14:35:20 ----A---- C:\Windows\system32\INETRES.dll
2016-09-18 14:33:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-18 14:33:10 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2016-10-05 21:31:14 ----D---- C:\Program Files\trend micro
2016-10-05 21:31:13 ----D---- C:\Windows\temp
2016-10-05 20:41:40 ----D---- C:\Windows\system32\config
2016-10-05 20:25:46 ----D---- C:\Windows\System32
2016-10-05 20:25:46 ----D---- C:\Windows\inf
2016-10-05 20:25:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-05 20:19:54 ----D---- C:\Users\krysarr\AppData\Roaming\esmska
2016-10-05 20:19:44 ----D---- C:\Windows\Minidump
2016-10-05 20:19:44 ----D---- C:\Windows
2016-10-05 19:20:46 ----D---- C:\Windows\system32\drivers
2016-10-02 01:27:00 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-02 00:00:11 ----SHD---- C:\System Volume Information
2016-09-29 20:17:08 ----D---- C:\ProgramData
2016-09-28 12:39:43 ----D---- C:\Windows\SysWOW64
2016-09-28 12:39:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 20:03:02 ----SHD---- C:\Windows\Installer
2016-09-26 15:57:23 ----D---- C:\Windows\system32\Tasks
2016-09-26 15:57:23 ----D---- C:\Program Files (x86)\Opera 11.00 beta
2016-09-26 14:47:11 ----D---- C:\Users\krysarr\AppData\Roaming\Media Player Classic
2016-09-25 23:36:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-09-25 23:35:47 ----D---- C:\Program Files (x86)
2016-09-25 19:07:15 ----D---- C:\Windows\rescache
2016-09-24 21:34:24 ----D---- C:\Windows\winsxs
2016-09-24 21:34:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-09-24 21:34:19 ----D---- C:\Windows\system32\cs-CZ
2016-09-24 21:33:29 ----D---- C:\Windows\system32\catroot2
2016-09-24 21:31:58 ----D---- C:\Users\krysarr\AppData\Roaming\Skype
2016-09-23 21:22:31 ----SHD---- C:\Config.Msi
2016-09-23 21:22:31 ----D---- C:\ProgramData\Skype
2016-09-23 21:22:29 ----D---- C:\Program Files (x86)\Common Files
2016-09-19 22:45:48 ----D---- C:\Windows\system32\en-US
2016-09-19 22:45:47 ----RD---- C:\Program Files
2016-09-19 22:45:47 ----D---- C:\Windows\system32\Boot
2016-09-19 22:45:47 ----D---- C:\Windows\AppPatch
2016-09-18 14:46:25 ----D---- C:\Windows\system32\MRT
2016-09-18 14:38:09 ----D---- C:\Windows\debug
2016-09-18 14:38:02 ----AC---- C:\Windows\system32\MRT.exe
2016-09-16 11:32:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-09-16 11:32:09 ----D---- C:\Windows\system32\Macromed
2016-09-15 01:07:18 ----A---- C:\Windows\system32\cmdcsr.dll
2016-09-15 01:07:06 ----A---- C:\Windows\SYSWOW64\guard32.dll
2016-09-15 01:07:00 ----A---- C:\Windows\system32\guard64.dll
2016-09-15 01:05:06 ----A---- C:\Windows\system32\cmdvrt64.dll
2016-09-15 01:04:12 ----A---- C:\Windows\system32\cmdkbd64.dll
2016-09-15 01:02:18 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2016-09-15 01:01:24 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2016-09-12 18:33:00 ----D---- C:\Users\krysarr\AppData\Roaming\vlc
2016-09-07 01:00:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-07 00:56:24 ----D---- C:\Program Files (x86)\CyberLink
2016-09-07 00:53:14 ----D---- C:\Windows\pss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-08-24 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-24 292704]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 EUBAKUP;EUBAKUP; C:\Windows\system32\drivers\eubakup.sys [2016-03-20 60968]
R0 EUBKMON;EUBKMON; C:\Windows\system32\drivers\EUBKMON.sys [2016-03-20 48168]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2016-04-21 160600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2016-04-23 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2016-04-21 339288]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-26 513080]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2014-10-28 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2014-10-28 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2014-10-28 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2014-10-28 117024]
R1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-08-24 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-08-24 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 dvdfabio;dvdfabio; \??\C:\Windows\system32\drivers\dvdfabio.sys [2011-07-06 13184]
R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2016-03-20 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2016-03-20 192552]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R1 mozyFilter;mozyFilter; C:\Windows\system32\DRIVERS\mozy.sys [2013-12-11 67808]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-08-24 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-08-24 163416]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2016-09-12 72824]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-11 6368256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-11 188416]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-16 25816]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-11-27 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vdrive;vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [2011-07-06 45952]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-10-28 367200]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-10-25 28320]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-08-24 37656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2015-02-15 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2015-02-15 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-02-15 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-02-15 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Documents and Settings\Franta\Dokumenty\soft\CrystalMark2004R2\SysInfoX64.sys []
S3 FFUsbAudio;Focusrite USB Audio Driver; C:\Windows\system32\DRIVERS\ffusbaudio.sys [2010-03-05 51200]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-16 63704]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2016-04-23 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2015-02-15 158720]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2014-10-28 1464096]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-11 202752]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-24 197128]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2016-03-20 36904]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2015-02-27 253776]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142360]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-08-12 5261584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-04-09 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-04-09 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-16 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-16 270016]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 cmdvirth;COMODO Virtual Service Manager; C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-21 1255736]
S4 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144152]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
S4 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-10-28 3869688]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-04-09 50864]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-04-22 73728]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-25 172488]
S4 mozybackup;MozyHome Backup Service; C:\Program Files\MozyHome\mozybackup.exe [2013-12-11 55112]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]

-----------------EOF-----------------

[Rudy]

Zdravim!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[krysarr]

# AdwCleaner v6.020 - Logfile created 05/10/2016 at 22:20:03
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-10-03.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : krysarr - KRYSARR-PC
# Running from : C:\Users\krysarr\Desktop\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****

[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Mount Image.lnk


***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\BCUService
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{672B1330-7E4A-4D61-BE04-E2A132F04E1E}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{94047607-3841-4CE6-AE4D-14FF23AF9458}
[-] Key deleted: HKU\S-1-5-21-2364752156-3425092201-2570250543-1000\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-2364752156-3425092201-2570250543-1000\Software\csastats
[-] Key deleted: HKU\S-1-5-21-2364752156-3425092201-2570250543-1000\Software\ICSW1.22
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\csastats
[#] Key deleted on reboot: HKCU\Software\ICSW1.22
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[#] Key deleted on reboot: [x64] HKCU\Software\ICSW1.22


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11600 Bytes] - [10/10/2015 10:26:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [1819 Bytes] - [05/10/2016 22:20:03]
C:\AdwCleaner\AdwCleaner[R0].txt - [8257 Bytes] - [06/01/2014 18:49:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [7923 Bytes] - [06/01/2014 18:52:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [11160 Bytes] - [10/10/2015 10:20:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [2271 Bytes] - [05/10/2016 22:19:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2185 Bytes] ##########

[Rudy]

Dejte nový log RSIT.

[krysarr]

Logfile of random's system information tool 1.10 (written by random/random)
Run by krysarr at 2016-10-05 22:46:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 7934 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:17, on 5.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Users\krysarr\Documents\SpeedFan\speedfan.exe
C:\Program Files (x86)\Esmska\jre\launch4j-tmp\esmska.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\krysarr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Startup: Esmska.lnk = C:\Program Files (x86)\Esmska\esmska.exe
O4 - Startup: JDownloader 2 Launcher.lnk = C:\Program Files\JDownloader 2\JDownloader 2.exe
O4 - Startup: SpeedFan.lnk = C:\Users\krysarr\Documents\SpeedFan\speedfan.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9667 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
taskeng.exe {F73F7A52-6FFF-40BC-B6EC-6A690ABBE3DB}
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2788
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe"
"C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Users\krysarr\Documents\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\Esmska\jre\launch4j-tmp\esmska.exe" -jar "C:\Program Files (x86)\Esmska\esmska.jar"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\krysarr\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x22c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5352.0.1612993436\1102475717" --mojo-application-channel-token=01E3CBE8A604A15928D58A22167473B5 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,11,13,14,15,16,18,31,56 --gpu-vendor-id=0x1002 --gpu-device-id=0x9715 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.710.0.0 --gpu-driver-date=2-10-2010 --mojo-platform-channel-handle=1556 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=0117FDBA856EB565886CA85E1D5A7A02 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=22C628A9A313AB088D9FB7B6DFEFC282 --mojo-application-channel-token=0117FDBA856EB565886CA85E1D5A7A02 --channel="5352.3.1187807286\314493014" --mojo-platform-channel-handle=2840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=EE54435BF8AED2190034274FF31253E2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=4239A340B0FA1870556BDC2233399099 --mojo-application-channel-token=EE54435BF8AED2190034274FF31253E2 --channel="5352.4.1946042376\701903888" --mojo-platform-channel-handle=4436 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=B97779BEA6D189C3FD0EF4ED638AE981 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=215576CB30B42949791AFCDE1671BCB8 --mojo-application-channel-token=B97779BEA6D189C3FD0EF4ED638AE981 --channel="5352.5.1121652812\1364601112" --mojo-platform-channel-handle=4528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=37B13D49AEFBA0BA3072180D515D69F9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=CF245CF11A294BE80A2D06CEAFBECDDC --mojo-application-channel-token=37B13D49AEFBA0BA3072180D515D69F9 --channel="5352.6.1803510151\291910479" --mojo-platform-channel-handle=4516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=99C31F04B2835DF17EEBD9EC2A72ACA3 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=8F515E456DFCAFF031F7174E330AD18A --mojo-application-channel-token=99C31F04B2835DF17EEBD9EC2A72ACA3 --channel="5352.7.1506414343\247154413" --mojo-platform-channel-handle=5992 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=80845CFB2209FC2B01ECFAD33D0303B6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=83319C7C0AB86495B304695A6EB4F78D --mojo-application-channel-token=80845CFB2209FC2B01ECFAD33D0303B6 --channel="5352.8.1790612864\251631403" --mojo-platform-channel-handle=6340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=2398D6D553C340082279A048B3C05861 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B0B113FAE6981F2AB3C23F323FE3D9EC --mojo-application-channel-token=2398D6D553C340082279A048B3C05861 --channel="5352.9.1438895620\1415948906" --mojo-platform-channel-handle=6692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7055C0941DFB0FAA891BC323B42F095A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=AE09F3896DE9A8B125CEE42CB848B714 --mojo-application-channel-token=7055C0941DFB0FAA891BC323B42F095A --channel="5352.10.1826759416\2027397653" --mojo-platform-channel-handle=7128 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7228E40A4BC314D29B3ABA6108BB5B9B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=568AC352509E264D0358E4C6C0E7AAB8 --mojo-application-channel-token=7228E40A4BC314D29B3ABA6108BB5B9B --channel="5352.11.596934185\1053413146" --mojo-platform-channel-handle=4544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7A90BCE22FE12AE275521E4E3157CF03 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=23F23FB6390E83EE80BF273AB72C9932 --mojo-application-channel-token=7A90BCE22FE12AE275521E4E3157CF03 --channel="5352.12.574728921\755087340" --mojo-platform-channel-handle=7968 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=64C618E5B21102BB2E4242638E06994A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=999BADAC121DC5F8951E27B7954C8A7C --mojo-application-channel-token=64C618E5B21102BB2E4242638E06994A --channel="5352.13.706473909\1468942387" --mojo-platform-channel-handle=7612 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=A678CA29538C29C7EB4D42C4602BD873 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=454199DB5133383733907723752495A8 --mojo-application-channel-token=A678CA29538C29C7EB4D42C4602BD873 --channel="5352.14.460975074\2105439419" --mojo-platform-channel-handle=9260 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=BF3CE288933C2457E539208AE4F49F9D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BF7BF7BE3214D3CE58B1DF3AB98131A3 --mojo-application-channel-token=BF3CE288933C2457E539208AE4F49F9D --channel="5352.15.1596167577\1923238611" --mojo-platform-channel-handle=5976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=C122A2664CA57EAE8BC8B1AB8B14A243 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3DAAE7661995415B3B1A000F7C63812D --mojo-application-channel-token=C122A2664CA57EAE8BC8B1AB8B14A243 --channel="5352.16.1271947754\166589964" --mojo-platform-channel-handle=7484 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=0C75C652D97581A21A513B30253B4DFE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=144C65F93D9B9820793435AE1BFDEAD6 --mojo-application-channel-token=0C75C652D97581A21A513B30253B4DFE --channel="5352.17.528419630\506079013" --mojo-platform-channel-handle=7712 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=F2697CC8CA5B22586B529F62AB69B990 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F49BD7BAE6862C544ACA7434118095E6 --mojo-application-channel-token=F2697CC8CA5B22586B529F62AB69B990 --channel="5352.18.405657553\2139645826" --mojo-platform-channel-handle=7528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=CA94000F4B607DE2D9CE5E6114B537F9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E9993AB5AEBDF6E5B7196C5A2DE3BE49 --mojo-application-channel-token=CA94000F4B607DE2D9CE5E6114B537F9 --channel="5352.19.496280720\2119004430" --mojo-platform-channel-handle=10800 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=E9F5D64472EF4917593B17F5E716C389 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=FA11C31AC523C421B672F55DC373EDDC --mojo-application-channel-token=E9F5D64472EF4917593B17F5E716C389 --channel="5352.20.561149478\1386229325" --mojo-platform-channel-handle=11492 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/default/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=52E7EED2C733A383B2B9A23BDB168D0B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2105BD35AFEB126CFE2137A7BFA241D1 --mojo-application-channel-token=52E7EED2C733A383B2B9A23BDB168D0B --channel="5352.21.403058319\1122955474" --mojo-platform-channel-handle=10392 /prefetch:1
"G:\Films\NEW\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://www.google.cz/#hl=cs&source=hp&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default\extensions\
LogMeInClient@logmein.com

C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default\searchplugins\
zbocz.xml

[krysarr]

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-24 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-24 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]
"COMODO Internet Security"=C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [2016-09-27 1610936]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 518976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-12-15 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [2016-09-27 1610936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive]
C:\PROGRAM FILES\DVDFAB VIRTUAL DRIVE\VDRIVE.EXE [2011-07-06 309120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS TB Tray Agent]
C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [2016-03-20 253992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\krysarr\AppData\Roaming\ICQM\icq.exe [2013-02-18 26935144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2011-11-12 557056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-04-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu]
C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD14Agent]
C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [2015-01-02 795672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe /server []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-12-13 7806192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2010-06-02 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AirLive Skyphone-1000.lnk]
C:\PROGRA~2\AIRLIV~1\SKYPHO~1.EXE [2006-06-19 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Free Antivirus.lnk]
C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk]
C:\PROGRA~1\MozyHome\mozystat.exe [2013-12-11 6479688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2010-12-20 519744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WIP Miranda IM.lnk]
C:\PROGRA~2\WIPMIR~1.1\MIRAND~1.EXE [2007-10-18 551508]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^krysarr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2010-04-11 275736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\krysarr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Esmska.lnk - C:\Program Files (x86)\Esmska\esmska.exe
JDownloader 2 Launcher.lnk - C:\Program Files\JDownloader 2\JDownloader 2.exe
SpeedFan.lnk - C:\Users\krysarr\Documents\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll, C:\Windows\Jaksta\AC\x64\jaudcap.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-09-24 21:33:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-09-24 21:33:48 ----A---- C:\Windows\system32\tzres.dll
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wudriver.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wucltux.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuapp.exe
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuapi.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wups2.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wups.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wow64win.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wow64.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\winsrv.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\srcore.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\schannel.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\ntdll.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\kernel32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\crypt32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-18 14:37:19 ----A---- C:\Windows\system32\advapi32.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\wintrust.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\srclient.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\smss.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\rstrui.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\msiexec.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\msi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\cryptsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\cryptnet.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\consent.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\conhost.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\certcli.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\asycfilt.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidapi.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\wdigest.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\sspicli.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\secur32.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msobjs.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msimsg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msihnd.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msaudite.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\lsass.exe
2016-09-18 14:37:17 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\kerberos.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\credssp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\authui.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\auditpol.exe
2016-09-18 14:37:17 ----A---- C:\Windows\system32\appinfo.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\adtschema.dll
2016-09-18 14:37:07 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-18 14:37:07 ----A---- C:\Windows\system32\win32k.sys
2016-09-18 14:37:07 ----A---- C:\Windows\system32\user32.dll
2016-09-18 14:35:21 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-18 14:35:21 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-18 14:35:20 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-18 14:35:20 ----A---- C:\Windows\system32\INETRES.dll
2016-09-18 14:33:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-18 14:33:10 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2016-10-05 22:46:17 ----D---- C:\Program Files\trend micro
2016-10-05 22:46:16 ----D---- C:\Windows\temp
2016-10-05 22:34:43 ----D---- C:\Windows\system32\config
2016-10-05 22:25:24 ----D---- C:\Windows\System32
2016-10-05 22:25:24 ----D---- C:\Windows\inf
2016-10-05 22:25:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-05 22:21:24 ----D---- C:\Users\krysarr\AppData\Roaming\esmska
2016-10-05 22:20:03 ----D---- C:\AdwCleaner
2016-10-05 20:19:44 ----D---- C:\Windows\Minidump
2016-10-05 20:19:44 ----D---- C:\Windows
2016-10-05 19:20:46 ----D---- C:\Windows\system32\drivers
2016-10-02 01:27:00 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-02 00:00:11 ----SHD---- C:\System Volume Information
2016-09-29 20:17:08 ----D---- C:\ProgramData
2016-09-28 12:39:43 ----D---- C:\Windows\SysWOW64
2016-09-28 12:39:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 20:03:02 ----SHD---- C:\Windows\Installer
2016-09-26 15:57:23 ----D---- C:\Windows\system32\Tasks
2016-09-26 15:57:23 ----D---- C:\Program Files (x86)\Opera 11.00 beta
2016-09-26 14:47:11 ----D---- C:\Users\krysarr\AppData\Roaming\Media Player Classic
2016-09-25 23:36:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-09-25 23:35:47 ----D---- C:\Program Files (x86)
2016-09-25 19:07:15 ----D---- C:\Windows\rescache
2016-09-24 21:34:24 ----D---- C:\Windows\winsxs
2016-09-24 21:34:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-09-24 21:34:19 ----D---- C:\Windows\system32\cs-CZ
2016-09-24 21:33:29 ----D---- C:\Windows\system32\catroot2
2016-09-24 21:31:58 ----D---- C:\Users\krysarr\AppData\Roaming\Skype
2016-09-23 21:22:31 ----SHD---- C:\Config.Msi
2016-09-23 21:22:31 ----D---- C:\ProgramData\Skype
2016-09-23 21:22:29 ----D---- C:\Program Files (x86)\Common Files
2016-09-19 22:45:48 ----D---- C:\Windows\system32\en-US
2016-09-19 22:45:47 ----RD---- C:\Program Files
2016-09-19 22:45:47 ----D---- C:\Windows\system32\Boot
2016-09-19 22:45:47 ----D---- C:\Windows\AppPatch
2016-09-18 14:46:25 ----D---- C:\Windows\system32\MRT
2016-09-18 14:38:09 ----D---- C:\Windows\debug
2016-09-18 14:38:02 ----AC---- C:\Windows\system32\MRT.exe
2016-09-16 11:32:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-09-16 11:32:09 ----D---- C:\Windows\system32\Macromed
2016-09-15 01:07:18 ----A---- C:\Windows\system32\cmdcsr.dll
2016-09-15 01:07:06 ----A---- C:\Windows\SYSWOW64\guard32.dll
2016-09-15 01:07:00 ----A---- C:\Windows\system32\guard64.dll
2016-09-15 01:05:06 ----A---- C:\Windows\system32\cmdvrt64.dll
2016-09-15 01:04:12 ----A---- C:\Windows\system32\cmdkbd64.dll
2016-09-15 01:02:18 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2016-09-15 01:01:24 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2016-09-12 18:33:00 ----D---- C:\Users\krysarr\AppData\Roaming\vlc
2016-09-07 01:00:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-07 00:56:24 ----D---- C:\Program Files (x86)\CyberLink
2016-09-07 00:53:14 ----D---- C:\Windows\pss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-08-24 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-24 292704]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 EUBAKUP;EUBAKUP; C:\Windows\system32\drivers\eubakup.sys [2016-03-20 60968]
R0 EUBKMON;EUBKMON; C:\Windows\system32\drivers\EUBKMON.sys [2016-03-20 48168]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2016-04-21 160600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2016-04-23 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2016-04-21 339288]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-26 513080]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2014-10-28 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2014-10-28 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2014-10-28 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2014-10-28 117024]
R1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-08-24 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-08-24 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 dvdfabio;dvdfabio; \??\C:\Windows\system32\drivers\dvdfabio.sys [2011-07-06 13184]
R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2016-03-20 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2016-03-20 192552]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R1 mozyFilter;mozyFilter; C:\Windows\system32\DRIVERS\mozy.sys [2013-12-11 67808]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-08-24 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-08-24 163416]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2016-09-12 72824]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-11 6368256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-11 188416]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-16 25816]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-11-27 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vdrive;vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [2011-07-06 45952]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-10-28 367200]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-10-25 28320]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-08-24 37656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2015-02-15 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2015-02-15 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-02-15 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-02-15 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Documents and Settings\Franta\Dokumenty\soft\CrystalMark2004R2\SysInfoX64.sys []
S3 FFUsbAudio;Focusrite USB Audio Driver; C:\Windows\system32\DRIVERS\ffusbaudio.sys [2010-03-05 51200]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-16 63704]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2016-04-23 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2015-02-15 158720]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2014-10-28 1464096]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-11 202752]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-24 197128]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2016-03-20 36904]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2015-02-27 253776]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142360]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-08-12 5261584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-04-09 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-04-09 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-16 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-16 270016]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 cmdvirth;COMODO Virtual Service Manager; C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-21 1255736]
S4 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144152]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
S4 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-10-28 3869688]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-04-09 50864]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-04-22 73728]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-25 172488]
S4 mozybackup;MozyHome Backup Service; C:\Program Files\MozyHome\mozybackup.exe [2013-12-11 55112]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[krysarr]

Logfile of random's system information tool 1.10 (written by random/random)
Run by krysarr at 2016-10-09 23:13:19
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 7934 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:13:20, on 9.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\krysarr\Documents\SpeedFan\speedfan.exe
C:\Program Files (x86)\Esmska\jre\launch4j-tmp\esmska.exe
C:\Program Files\trend micro\krysarr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Startup: Esmska.lnk = C:\Program Files (x86)\Esmska\esmska.exe
O4 - Startup: JDownloader 2 Launcher.lnk = C:\Program Files\JDownloader 2\JDownloader 2.exe
O4 - Startup: SpeedFan.lnk = C:\Users\krysarr\Documents\SpeedFan\speedfan.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{361767F6-E1CC-4406-8CEC-208D090EE157}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8251 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
taskeng.exe {21BC67DD-9F7A-4E78-B756-21DD37AE7498}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {125F1A9F-25C0-42CB-A7D2-41CA553922DD}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2748
"C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe"
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\10092016_225035.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\krysarr\Documents\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\Esmska\jre\launch4j-tmp\esmska.exe" -jar "C:\Program Files (x86)\Esmska\esmska.jar"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\krysarr\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://www.google.cz/#hl=cs&source=hp&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default\extensions\
LogMeInClient@logmein.com

C:\Users\krysarr\AppData\Roaming\Mozilla\Firefox\Profiles\by63fyf3.default\searchplugins\
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-24 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-24 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]
"COMODO Internet Security"=C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [2016-09-27 1610936]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 518976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-12-15 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [2016-09-27 1610936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive]
C:\PROGRAM FILES\DVDFAB VIRTUAL DRIVE\VDRIVE.EXE [2011-07-06 309120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS TB Tray Agent]
C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [2016-03-20 253992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\krysarr\AppData\Roaming\ICQM\icq.exe [2013-02-18 26935144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2011-11-12 557056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-04-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu]
C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD14Agent]
C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [2015-01-02 795672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe /server []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-12-13 7806192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2010-06-02 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AirLive Skyphone-1000.lnk]
C:\PROGRA~2\AIRLIV~1\SKYPHO~1.EXE [2006-06-19 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Free Antivirus.lnk]
C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk]
C:\PROGRA~1\MozyHome\mozystat.exe [2013-12-11 6479688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2010-12-20 519744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WIP Miranda IM.lnk]
C:\PROGRA~2\WIPMIR~1.1\MIRAND~1.EXE [2007-10-18 551508]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^krysarr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2010-04-11 275736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\krysarr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Esmska.lnk - C:\Program Files (x86)\Esmska\esmska.exe
JDownloader 2 Launcher.lnk - C:\Program Files\JDownloader 2\JDownloader 2.exe
SpeedFan.lnk - C:\Users\krysarr\Documents\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll, C:\Windows\Jaksta\AC\x64\jaudcap.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-09-24 21:33:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-09-24 21:33:48 ----A---- C:\Windows\system32\tzres.dll
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-18 14:37:28 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-18 14:37:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wudriver.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wucltux.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuapp.exe
2016-09-18 14:37:20 ----A---- C:\Windows\system32\wuapi.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-09-18 14:37:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wups2.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wups.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wow64win.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\wow64.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\winsrv.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\srcore.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\schannel.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\ntdll.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\kernel32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\crypt32.dll
2016-09-18 14:37:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-18 14:37:19 ----A---- C:\Windows\system32\advapi32.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-18 14:37:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-09-18 14:37:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\wintrust.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\srclient.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\smss.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\rstrui.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\msiexec.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\msi.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-18 14:37:18 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\cryptsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\cryptnet.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\consent.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\conhost.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\certcli.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\asycfilt.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-18 14:37:18 ----A---- C:\Windows\system32\appidapi.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-18 14:37:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\wdigest.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\sspicli.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\secur32.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msobjs.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msimsg.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msihnd.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\msaudite.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\lsass.exe
2016-09-18 14:37:17 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\kerberos.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-18 14:37:17 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\credssp.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\authui.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\auditpol.exe
2016-09-18 14:37:17 ----A---- C:\Windows\system32\appinfo.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-18 14:37:17 ----A---- C:\Windows\system32\adtschema.dll
2016-09-18 14:37:07 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-18 14:37:07 ----A---- C:\Windows\system32\win32k.sys
2016-09-18 14:37:07 ----A---- C:\Windows\system32\user32.dll
2016-09-18 14:35:21 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-18 14:35:21 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-18 14:35:21 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-18 14:35:20 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-18 14:35:20 ----A---- C:\Windows\system32\INETRES.dll
2016-09-18 14:33:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-18 14:33:10 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2016-10-09 23:13:19 ----D---- C:\Program Files\trend micro
2016-10-09 23:12:58 ----D---- C:\Windows\temp
2016-10-09 23:12:58 ----D---- C:\Windows\system32\config
2016-10-09 23:11:22 ----D---- C:\Users\krysarr\AppData\Roaming\esmska
2016-10-09 23:03:38 ----D---- C:\Windows\System32
2016-10-09 23:03:38 ----D---- C:\Windows\inf
2016-10-09 23:03:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-09 22:55:34 ----D---- C:\Windows\SysWOW64
2016-10-09 22:50:36 ----D---- C:\Windows\Tasks
2016-10-09 20:02:56 ----D---- C:\Users\krysarr\AppData\Roaming\vlc
2016-10-09 19:40:27 ----D---- C:\Windows\system32\drivers
2016-10-09 04:20:19 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-07 00:26:19 ----D---- C:\ProgramData
2016-10-06 15:57:54 ----D---- C:\Windows\system32\Tasks
2016-10-06 15:57:54 ----D---- C:\Program Files (x86)\Opera 11.00 beta
2016-10-05 22:20:03 ----D---- C:\AdwCleaner
2016-10-05 20:19:44 ----D---- C:\Windows\Minidump
2016-10-05 20:19:44 ----D---- C:\Windows
2016-10-02 00:00:11 ----SHD---- C:\System Volume Information
2016-09-28 12:39:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 20:03:02 ----SHD---- C:\Windows\Installer
2016-09-26 14:47:11 ----D---- C:\Users\krysarr\AppData\Roaming\Media Player Classic
2016-09-25 23:36:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-09-25 23:35:47 ----D---- C:\Program Files (x86)
2016-09-25 19:07:15 ----D---- C:\Windows\rescache
2016-09-24 21:34:24 ----D---- C:\Windows\winsxs
2016-09-24 21:34:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-09-24 21:34:19 ----D---- C:\Windows\system32\cs-CZ
2016-09-24 21:33:29 ----D---- C:\Windows\system32\catroot2
2016-09-24 21:31:58 ----D---- C:\Users\krysarr\AppData\Roaming\Skype
2016-09-23 21:22:31 ----SHD---- C:\Config.Msi
2016-09-23 21:22:31 ----D---- C:\ProgramData\Skype
2016-09-23 21:22:29 ----D---- C:\Program Files (x86)\Common Files
2016-09-19 22:45:48 ----D---- C:\Windows\system32\en-US
2016-09-19 22:45:47 ----RD---- C:\Program Files
2016-09-19 22:45:47 ----D---- C:\Windows\system32\Boot
2016-09-19 22:45:47 ----D---- C:\Windows\AppPatch
2016-09-18 14:46:25 ----D---- C:\Windows\system32\MRT
2016-09-18 14:38:09 ----D---- C:\Windows\debug
2016-09-18 14:38:02 ----AC---- C:\Windows\system32\MRT.exe
2016-09-16 11:32:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-09-16 11:32:09 ----D---- C:\Windows\system32\Macromed
2016-09-15 01:07:18 ----A---- C:\Windows\system32\cmdcsr.dll
2016-09-15 01:07:06 ----A---- C:\Windows\SYSWOW64\guard32.dll
2016-09-15 01:07:00 ----A---- C:\Windows\system32\guard64.dll
2016-09-15 01:05:06 ----A---- C:\Windows\system32\cmdvrt64.dll
2016-09-15 01:04:12 ----A---- C:\Windows\system32\cmdkbd64.dll
2016-09-15 01:02:18 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2016-09-15 01:01:24 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-08-24 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-24 292704]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 EUBAKUP;EUBAKUP; C:\Windows\system32\drivers\eubakup.sys [2016-03-20 60968]
R0 EUBKMON;EUBKMON; C:\Windows\system32\drivers\EUBKMON.sys [2016-03-20 48168]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2016-04-21 160600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2016-04-23 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2016-04-21 339288]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-26 513080]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2014-10-28 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2014-10-28 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2014-10-28 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2014-10-28 117024]
R1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-08-24 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-08-24 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 dvdfabio;dvdfabio; \??\C:\Windows\system32\drivers\dvdfabio.sys [2011-07-06 13184]
R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2016-03-20 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2016-03-20 192552]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R1 mozyFilter;mozyFilter; C:\Windows\system32\DRIVERS\mozy.sys [2013-12-11 67808]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-08-24 108816]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2016-09-12 72824]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-11 6368256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-11 188416]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-16 25816]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-11-27 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vdrive;vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [2011-07-06 45952]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-08-24 163416]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-10-28 367200]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-10-25 28320]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-08-24 37656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2015-02-15 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2015-02-15 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-02-15 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-02-15 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Documents and Settings\Franta\Dokumenty\soft\CrystalMark2004R2\SysInfoX64.sys []
S3 FFUsbAudio;Focusrite USB Audio Driver; C:\Windows\system32\DRIVERS\ffusbaudio.sys [2010-03-05 51200]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-16 63704]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2016-04-23 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2015-02-15 158720]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2014-10-28 1464096]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-11 202752]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-24 197128]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2016-03-20 36904]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2015-02-27 253776]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142360]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-08-12 5261584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-04-09 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-04-09 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-16 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-16 270016]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 cmdvirth;COMODO Virtual Service Manager; C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-21 1255736]
S4 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144152]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
S4 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-10-28 3869688]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-04-09 50864]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-04-22 73728]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-25 172488]
S4 mozybackup;MozyHome Backup Service; C:\Program Files\MozyHome\mozybackup.exe [2013-12-11 55112]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-04-09 139944]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]

-----------------EOF-----------------

[Rudy]

Smazáno. Nastala nějaká změna?

[krysarr]

Zatím se počítač chová slušně.
Děkuji Vám!

[Rudy]

Rádo se stalo!