Aero 7 not working, screen flickering

SabreSK
Visitor
Posts: 10
Registered: 10 Dec 2016 16:58

#1 Post by SabreSK »

Good day,

I am having problems with my notebook. I recently updated the software, and a few days later I noticed some changes in the notebook's behaviour, such as shutting down when entering power-saving mode, slow loading of Windows, and the adblock or antivirus being turned off.
And the antivirus confirmed it for me: there was adware. I deleted what I could, went over it with MBAM, Zemana and HitmanPro, and tried to clean everything up. In the end the logs showed clean, but Win Aero did not work and the graphics were acting up as well: screen flickering and the like.
And that is actually how it has stayed, despite repeated reinstallation of the drivers for both the Intel HD 4000 graphics and the ATi Radeon 8750m from the official HP site. The HD 4000 graphics driver also tried to turn on the Aero theme via WinSAT at startup, and nothing. Most recently all of Mozilla is acting up; it flickers.

I don't know what to change.
So I am asking for advice, please. :(

I am attaching the log from RSIT

Logfile of random's system information tool 1.14 (written by random/random)
Run by Valér at 2016-12-10 18:02:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (1%) free of 662 GB
Total RAM: 8041 MB (66% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:02:43, on 10. 12. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Mouse Driver\StartAutorun.exe
C:\Program Files (x86)\Mouse Driver\KMConfig.exe
C:\Program Files\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mouse Driver\KMProcess.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Valér\AppData\Local\Google\Chrome\User Data\SwReporter\11.70.2\software_reporter_tool.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Valér_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [CLWCSM] "c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\HP\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 12 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.12.0) - ABBYY Production LLC - C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: ed2k idle service (ed2kidle) - http://www.amule.org/ - C:\Program Files (x86)\amuleC1\ed2k.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Connection Manager 5 Service (hpCMSrv) - HP - C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TTService - TorrentsTime - C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16325 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
C:\Windows\SysWow64\IntelCpHeciSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Jumpstart\jswpbapi.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\system32\igfxHK.exe
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mouse Driver\StartAutorun.exe" KMConfig.exe
C:\Program Files (x86)\Mouse Driver\KMConfig.exe
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mouse Driver\KMProcess.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\HP\HP Connection Manager\hpConnectionManager.exe
"C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x18c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBr
owsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_17/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,15,16,17,20,34,51,60 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.100.14.9000 --gpu-driver-date=6-5-2013 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0166 --gpu-active-vendor-id=0x8086 --gpu-active-device-id=0x0166 --mojo-application-channel-token=421D54D8A25BEE4CDFEAA44CE5ACE1F3 --mojo-platform-channel-handle=1328 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*Saf
eBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_17/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=845A5B8DC9BFC0F59D0AFC30840B43A1 --lang=sk --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=845A5B8DC9BFC0F59D0AFC30840B43A1 --channel="8084.0.1363617046\1494368617" --mojo-platform-channel-handle=2304 /prefetch:1
"C:\Users\Valér\AppData\Local\Google\Chrome\User Data\SwReporter\11.70.2\software_reporter_tool.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled
/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_17/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=8BB87D2D7EEB5EA8CD397383A0924291 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=8BB87D2D7EEB5EA8CD397383A0924291 --channel="8084.3.323891167\315741739" --mojo-platform-channel-handle=4044 /prefetch:1
"C:\Users\Valér\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core.job - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA.job - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\Browser Updater Task(Core) - ""C:\Program Files (x86)\TXQQBrowser\Update\A675F39E62BB12CBADB4373B86582E6E\Update\BrowserUpdate.exe"" 87B20C06-6890-4CFE-B40F-004064F87F12
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\{012BD281-426F-445C-B0C1-D32EBD02BA65} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe"
C:\Windows\system32\tasks\{0822B448-76DA-4EDC-8CD2-E40AB110A6B2} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{0F5674BF-CCAE-4EAA-B116-F8F39E21A044} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{1ECF0B54-F25C-4E40-B293-6D17DE6B12BB} - C:\Windows\system32\pcalua.exe -a G:\sp61626(1).exe -d G:\
C:\Windows\system32\tasks\{2FB86E61-CD96-4BBB-BA04-57852247F3DD} - C:\Windows\system32\pcalua.exe -a G:\sp61617.exe -d G:\
C:\Windows\system32\tasks\{392FC1EA-9085-41A7-84F1-E3D8F3E9CCA2} - C:\Windows\system32\pcalua.exe -a G:\sp60818.exe -d G:\
C:\Windows\system32\tasks\{3ACE0C19-6935-48D0-ADAB-F8F7AD80F2B5} - C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
C:\Windows\system32\tasks\{49C2090E-9A2C-4DC4-A47A-E1647581DE70} - C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\tasks\{81694313-2788-4491-B6D8-2D019B82436E} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Downloads\sp70001.exe -d C:\Users\Valér\Downloads
C:\Windows\system32\tasks\{927DC5D2-0B8A-4782-B7F0-CAC4758D42F7} - C:\Program Files\Tor Browser\Browser\firefox.exe
C:\Windows\system32\tasks\{9E37DA79-CA5C-4B7D-B72D-96917C9C7A56} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Hewlett-Packard\HP SoftPaq Download Manager\SoftPaqDownloadManager.exe"
C:\Windows\system32\tasks\{A9B3C804-6BD1-4420-AD22-C878F5E579D2} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Desktop\Ignition\Setup.exe -d C:\Users\Valér\Desktop\Ignition
C:\Windows\system32\tasks\{A9CC20F5-DCF0-4830-9C44-F1547B1EC329} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\NetBeans 8.1\uninstall.exe"
C:\Windows\system32\tasks\{B40C2322-310B-4F56-96B1-68C03116E6E2} - C:\Windows\system32\pcalua.exe -a G:\sp61518.exe -d G:\
C:\Windows\system32\tasks\{BA6D0196-2E65-41CE-AC42-5AF0259D7652} - C:\Windows\system32\pcalua.exe -a G:\sp61498.exe -d G:\
C:\Windows\system32\tasks\{BA6E38A0-AF73-4374-B543-0E153D84EED2} - C:\Windows\system32\pcalua.exe -a G:\sp61047.exe -d G:\
C:\Windows\system32\tasks\{C1B4525B-13D7-43D9-8423-6E588A66778B} - C:\Windows\system32\pcalua.exe -a G:\sp61614.exe -d G:\
C:\Windows\system32\tasks\{CEDCDBA2-9AC7-470A-8C7C-068DAC5B5A57} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe" -c /M{D71DF8CD-34E5-43E9-93A6-379BA92C1B9A}
C:\Windows\system32\tasks\{D022E0E9-ED75-4443-8224-D00962120C1F} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D48B5ED5-93EC-4C1E-821F-0F8F4DF9B9B9} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D96C766B-E285-4D54-8EAD-1B98487182AB} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -d "C:\Program Files (x86)\Seznam.cz\distribution"
C:\Windows\system32\tasks\{E2F63821-E59C-45E8-8056-3FB34DF1BA97} - C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe"
C:\Windows\system32\tasks\{E62B774A-143F-4FF7-8EF1-E0F0436A38AF} - C:\Windows\system32\pcalua.exe -a G:\sp62348.exe -d G:\
C:\Windows\system32\tasks\{EE869CEE-957B-4FDC-B629-5304FE1A4598} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Downloads\sp77113.exe -d C:\Users\Valér\Downloads
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349

"wrc@avast.com"=C:\Program Files\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.112.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.112.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npdjvu.dll
npexview.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\addons.json

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox - extension - firefox@prehliadac.sk - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\firefox@prehliadac.sk
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\Avast\SafePrice\FF

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\pluginreg.dat
Plugin - AdobeAAMDetect - 1.0.0.0 - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave for Director - 12.2.5.195 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - TTPlugin - 1.0.0.0 - C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll
Plugin - Facebook Video Calling Plugin - 3.1.0.521 - C:\Users\Valér\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

=========Google Chrome=========

C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.12.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension elicpjhcidhpjomhibiffojpinpmmpil 0 Video Downloader professional 1.97.54
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.102
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 0 AdBlock 3.4.0
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.124
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 0 Application Launcher for Drive (by Google) 3.2
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mlomiejdfkolichcflejclcbmpeaniij 0 Ghostery 7.1.0.49
Extension nbhibnjbbdkflfklbdpgbifkhcielgcm 0 Merge PDF - Smallpdf.com 1.0.0.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-06 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-06 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-25 2774256]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2016-11-29 2786768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"=NA []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-19 8455960]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR12]
C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [2015-03-30 1472312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\f.lux]
C:\Users\Valér\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-03-11 77088]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-01-31 337184]
"CLWCSM"=c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [2013-02-20 249096]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-12-20 291280]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-21 111136]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-11-21 493088]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"KMCONFIG"=C:\Program Files (x86)\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2016-11-15 9080768]
"HPConnectionManager"=C:\Program Files (x86)\HP\HP Connection Manager\HPCMDelayStart.exe [2016-04-07 235872]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-06-05 642816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-12-10 16:53:07 ----D---- C:\Program Files\trend micro
2016-12-10 16:53:06 ----D---- C:\rsit
2016-12-10 16:04:48 ----D---- C:\FRST
2016-12-10 04:38:08 ----D---- C:\ProgramData\ATI
2016-12-10 04:23:17 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-10 04:23:14 ----D---- C:\Program Files (x86)\AMD APP
2016-12-10 04:22:23 ----D---- C:\Program Files (x86)\ATI Technologies
2016-12-10 04:22:23 ----A---- C:\Windows\SYSWOW64\atipblup.dat
2016-12-10 04:22:23 ----A---- C:\Windows\system32\atipblup.dat
2016-12-10 03:30:18 ----A---- C:\Windows\SYSWOW64\SET88D0.tmp
2016-12-10 02:16:12 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys
2016-12-10 00:59:24 ----D---- C:\ProgramData\HitmanPro
2016-12-10 00:45:11 ----A---- C:\Windows\system32\drivers\SETBE8D.tmp
2016-12-10 00:02:37 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2016-12-10 00:02:24 ----A---- C:\Windows\system32\drivers\farflt.sys
2016-12-10 00:02:23 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-12-10 00:02:20 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-12-10 00:02:13 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-12-10 00:01:45 ----A---- C:\Windows\system32\drivers\mbae64.sys
2016-12-10 00:01:41 ----D---- C:\Program Files\Malwarebytes
2016-12-09 19:07:37 ----A---- C:\Windows\system32\drivers\zam64.sys
2016-12-09 19:07:35 ----A---- C:\Windows\system32\drivers\zamguard64.sys
2016-12-09 15:52:35 ----AD---- C:\Program Files (x86)\Firefox
2016-12-09 15:52:19 ----D---- C:\Program Files (x86)\Elex-tech
2016-12-09 12:51:25 ----D---- C:\Program Files (x86)\amuleC1
2016-12-09 12:51:24 ----D---- C:\ProgramData\WinSAPSvc
2016-12-09 12:47:10 ----D---- C:\Program Files (x86)\2me4rbwg
2016-12-09 11:28:48 ----D---- C:\Users\Valér\AppData\Roaming\gjdgj
2016-12-09 11:28:48 ----D---- C:\Program Files (x86)\UvConverter
2016-12-09 11:28:44 ----D---- C:\Users\Valér\AppData\Roaming\aMule
2016-12-08 00:47:09 ----D---- C:\Program Files (x86)\qx2r52dp
2016-12-08 00:22:43 ----D---- C:\Program Files (x86)\rut07zcq
2016-12-06 02:02:38 ----D---- C:\Users\Valér\AppData\Roaming\Airytec
2016-12-06 02:02:35 ----D---- C:\Program Files\Airytec
2016-12-06 00:33:13 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-06 00:27:01 ----D---- C:\Program Files\Java
2016-12-02 04:47:27 ----D---- C:\Program Files (x86)\WinArcher
2016-12-02 04:47:26 ----D---- C:\ProgramData\wintools
2016-12-02 04:47:10 ----D---- C:\Program Files (x86)\unv9g81h
2016-12-01 02:47:10 ----D---- C:\Program Files (x86)\kxm7b8yy
2016-12-01 00:47:10 ----D---- C:\Program Files (x86)\nbkb81q2
2016-11-30 21:15:28 ----D---- C:\Program Files (x86)\o0a1z2iz
2016-11-30 15:00:07 ----D---- C:\Program Files (x86)\9xs4g3d0
2016-11-30 08:47:10 ----D---- C:\Program Files (x86)\urg59zxb
2016-11-30 08:28:51 ----D---- C:\Program Files (x86)\614y4z2q
2016-11-28 12:49:54 ----D---- C:\Program Files\CyberGhost 6
2016-11-28 12:46:20 ----D---- C:\Program Files\CyberGhost 5
2016-11-28 03:11:19 ----D---- C:\Program Files\CyberGhost VPN
2016-11-27 21:02:05 ----D---- C:\Users\Valér\AppData\Roaming\HP
2016-11-27 20:59:50 ----D---- C:\Program Files (x86)\HP
2016-11-27 20:56:42 ----D---- C:\Program Files\Microsoft SQL Server
2016-11-27 20:56:42 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-11-27 20:56:42 ----D---- C:\Program Files (x86)\Microsoft SDKs
2016-11-27 19:58:44 ----A---- C:\Windows\SYSWOW64\SET63C1.tmp
2016-11-27 19:16:48 ----A---- C:\Windows\system32\drivers\semav6msr64.sys
2016-11-27 19:10:29 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-11-27 19:10:29 ----A---- C:\Windows\system32\wksprt.exe
2016-11-27 19:10:29 ----A---- C:\Windows\system32\mstscax.dll
2016-11-27 19:10:28 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-11-27 19:10:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-11-27 19:10:28 ----A---- C:\Windows\system32\tsgqec.dll
2016-11-27 19:10:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-11-27 18:55:36 ----A---- C:\Windows\system32\SET9714.tmp
2016-11-27 16:37:44 ----A---- C:\Windows\system32\rdpudd.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\rdpcorets.dll
2016-11-27 16:37:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-11-27 16:20:13 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-27 15:44:13 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-11-27 15:33:55 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-11-27 15:33:55 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-11-27 15:33:55 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-11-27 15:33:55 ----A---- C:\Windows\system32\vulkan-1.dll
2016-11-27 15:33:53 ----D---- C:\Program Files (x86)\VulkanRT
2016-11-25 00:12:36 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-25 00:12:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-25 00:12:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-25 00:12:32 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-11-25 00:12:27 ----A---- C:\Windows\system32\wksprtPS.dll
2016-11-25 00:12:27 ----A---- C:\Windows\system32\mstsc.exe
2016-11-25 00:12:27 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-11-25 00:08:46 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2016-11-25 00:08:38 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2016-11-25 00:08:38 ----A---- C:\Windows\system32\rdpendp_winip.dll
2016-11-23 22:31:36 ----A---- C:\Windows\system32\icaapi.dll
2016-11-23 22:31:35 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-11-23 22:30:57 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-11-23 22:30:56 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-11-23 22:30:56 ----A---- C:\Windows\system32\nlsbres.dll
2016-11-12 23:11:30 ----D---- C:\Counter-Strike
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-11 22:18:56 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-11 22:18:52 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\vbscript.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\srcore.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\srclient.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\schannel.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\rstrui.exe
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript9.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\msobjs.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\msaudite.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\auditpol.exe
2016-11-11 22:18:46 ----A---- C:\Windows\system32\adtschema.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\wininet.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\webcheck.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\urlmon.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\tzres.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\sspicli.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\secur32.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\occache.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\msrating.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtml.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\lsass.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\inseng.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieui.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iesetup.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iertutil.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iernonce.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieframe.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-11 22:18:45 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-11 22:18:44 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-11 22:18:44 ----A---- C:\Windows\system32\certcli.dll
2016-11-11 22:18:44 ----A---- C:\Windows\system32\advapi32.dll
2016-11-11 22:00:13 ----A---- C:\Windows\system32\win32k.sys
2016-11-11 22:00:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-11 22:00:10 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-11 22:00:09 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\win32spl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\ntdll.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-11 22:00:08 ----A---- C:\Windows\system32\clfs.sys
2016-11-11 22:00:08 ----A---- C:\Windows\system32\atmfd.dll
2016-11-11 22:00:07 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\msctf.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-11 22:00:04 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-11 22:00:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-11 22:00:01 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-11 22:00:00 ----A---- C:\Windows\system32\input.dll
2016-11-11 22:00:00 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-11 21:59:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-11 21:59:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\wdigest.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\smss.exe
2016-11-11 21:59:54 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\lpk.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\kernel32.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\kerberos.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\INETRES.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\fontsub.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-11 21:59:54 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64win.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\winsrv.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-11 21:59:53 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-11 21:59:53 ----A---- C:\Windows\system32\dciman32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\credssp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\conhost.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\atmlib.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidapi.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-11 21:59:51 ----A---- C:\Windows\system32\apisetschema.dll

======List of files/folders modified in the last 1 month======

2016-12-10 18:02:20 ----D---- C:\Users\Valér\AppData\Roaming\vlc
2016-12-10 17:58:34 ----D---- C:\Windows\System32
2016-12-10 17:58:34 ----D---- C:\Windows\inf
2016-12-10 17:58:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-10 17:54:24 ----A---- C:\Windows\SYSWOW64\log.txt
2016-12-10 17:54:23 ----D---- C:\Windows\Temp
2016-12-10 17:52:36 ----D---- C:\Windows
2016-12-10 17:52:01 ----D---- C:\ProgramData\VMware
2016-12-10 17:51:31 ----D---- C:\Program Files (x86)\Hi-Rez Studios
2016-12-10 17:50:56 ----A---- C:\Windows\SYSWOW64\bscs.ini
2016-12-10 17:49:55 ----D---- C:\Windows\system32\catroot
2016-12-10 17:49:53 ----D---- C:\Windows\system32\config
2016-12-10 17:48:58 ----D---- C:\Windows\SysWOW64
2016-12-10 17:32:31 ----D---- C:\Windows\Microsoft.NET
2016-12-10 17:26:00 ----D---- C:\Users\Valér\AppData\Roaming\Profiles
2016-12-10 17:16:16 ----SHD---- C:\Config.Msi
2016-12-10 17:14:00 ----SHD---- C:\Windows\Installer
2016-12-10 17:12:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-10 17:10:02 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-10 17:10:02 ----D---- C:\Windows\system32\en-US
2016-12-10 16:53:07 ----D---- C:\Program Files
2016-12-10 15:42:27 ----D---- C:\Windows\system32\catroot2
2016-12-10 15:10:47 ----D---- C:\Windows\registration
2016-12-10 14:42:59 ----D---- C:\Users\Valér\AppData\Roaming\Skype
2016-12-10 14:39:20 ----D---- C:\Windows\system32\drivers
2016-12-10 04:38:08 ----HD---- C:\ProgramData
2016-12-10 04:31:19 ----D---- C:\Program Files (x86)\Intel
2016-12-10 04:29:33 ----D---- C:\Windows\system32\DriverStore
2016-12-10 04:27:28 ----D---- C:\Intel
2016-12-10 04:23:19 ----D---- C:\ProgramData\AMD
2016-12-10 04:23:17 ----RD---- C:\Program Files (x86)
2016-12-10 04:23:11 ----D---- C:\Program Files (x86)\Common Files
2016-12-10 04:22:48 ----D---- C:\Program Files\ATI Technologies
2016-12-10 03:20:02 ----SHD---- C:\System Volume Information
2016-12-10 03:19:56 ----D---- C:\Program Files\AMD
2016-12-10 02:43:15 ----D---- C:\SWSetup
2016-12-10 00:01:41 ----D---- C:\ProgramData\Malwarebytes
2016-12-09 20:14:00 ----D---- C:\Windows\system32\Tasks
2016-12-09 19:16:56 ----D---- C:\Program Files (x86)\Jumpstart
2016-12-09 14:33:12 ----D---- C:\Users\Valér\AppData\Roaming\uTorrent
2016-12-09 10:52:13 ----D---- C:\Windows\Prefetch
2016-12-06 00:39:28 ----D---- C:\Program Files (x86)\Steam
2016-12-06 00:34:22 ----D---- C:\ProgramData\Oracle
2016-12-02 10:39:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-02 10:39:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-01 12:29:47 ----D---- C:\Users\Valér\AppData\Roaming\TeamViewer
2016-12-01 12:29:47 ----D---- C:\Users\Valér\AppData\Roaming\DAEMON Tools Lite
2016-12-01 12:29:40 ----D---- C:\Windows\Logs
2016-12-01 12:29:40 ----D---- C:\Windows\debug
2016-12-01 11:12:35 ----D---- C:\Program Files\Avast
2016-12-01 07:35:32 ----D---- C:\Program Files (x86)\TeamViewer
2016-11-30 23:08:05 ----D---- C:\Windows\system32\NDF
2016-11-27 21:00:07 ----D---- C:\ProgramData\HP
2016-11-27 20:59:43 ----RSD---- C:\Windows\assembly
2016-11-27 20:59:42 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-11-27 19:39:46 ----D---- C:\Windows\winsxs
2016-11-27 19:27:45 ----D---- C:\ProgramData\Package Cache
2016-11-27 19:27:45 ----D---- C:\Program Files\Intel
2016-11-27 18:32:29 ----D---- C:\AMD
2016-11-27 16:38:49 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-11-27 16:38:49 ----D---- C:\Windows\system32\sk-SK
2016-11-27 15:38:48 ----D---- C:\Program Files (x86)\AMD
2016-11-25 11:22:31 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-25 11:22:31 ----D---- C:\Windows\system32\wbem
2016-11-25 11:22:31 ----D---- C:\Windows\system32\drivers\en-US
2016-11-25 11:22:31 ----D---- C:\Windows\PolicyDefinitions
2016-11-23 22:43:05 ----RSD---- C:\Windows\Fonts
2016-11-23 22:32:21 ----A---- C:\Windows\SYSWOW64\REMOTEDEVICE.INI
2016-11-23 22:29:30 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2016-11-23 22:29:25 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2016-11-22 22:35:20 ----D---- C:\ProgramData\Skype
2016-11-22 22:35:05 ----RD---- C:\Program Files (x86)\Skype
2016-11-12 21:56:28 ----D---- C:\Program Files (x86)\Counter-Strike 1.6
2016-11-11 22:23:26 ----D---- C:\Windows\SYSWOW64\migration
2016-11-11 22:23:26 ----D---- C:\Program Files\Internet Explorer
2016-11-11 22:23:26 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-11 22:23:22 ----D---- C:\Windows\system32\migration
2016-11-11 22:23:16 ----D---- C:\Windows\AppPatch
2016-11-11 22:23:15 ----D---- C:\Windows\system32\Boot
2016-11-11 14:59:36 ----D---- C:\Windows\system32\MRT
2016-11-11 14:47:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-11 14:47:38 ----D---- C:\Windows\system32\Macromed
2016-11-11 14:47:34 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
Last edited by SabreSK on 10 Dec 2016 18:32, edited 3 times in total.

SabreSK
Visitor
Posts: 10
Registered: 10 Dec 2016 16:58

Re: Aero 7 not working, screen flickering

#2 Post by SabreSK »

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-10-12 36520]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-02 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2013-03-01 30520]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-12-04 20024]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-12-10 250816]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; SysWOW64\speedfan.sys []
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-05-21 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-02 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-26 283064]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2016-11-29 77408]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2008-05-15 26624]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-02 108816]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-22 55488]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2016-12-10 176064]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-05-31 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-05-31 26816]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2015-05-31 66752]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2013-03-01 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-06-05 11612672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-06-05 578048]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 clwcsm;CyberLink Webcam Sharing Manager 4.2; C:\Windows\system32\DRIVERS\clwcsm.sys [2013-02-19 42432]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-01-28 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-08-05 3802600]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-08-05 463112]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-12-04 358456]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-12-04 791608]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2016-12-10 102856]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2016-12-10 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2016-12-10 81696]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-12 62784]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2014-12-31 2486416]
R3 rtbth;RTBTH Bluetooth Device Driver; C:\Windows\system32\DRIVERS\rtbth.sys [2012-10-09 692832]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-02-26 819784]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2013-02-22 1446904]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-25 524016]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-05-31 33472]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-05-31 28864]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-02 163416]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-02 37656]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2012-12-19 33968]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-12-05 49632]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2016-12-10 54736]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2007-03-29 30472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-10-25 34544]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [2014-01-23 925904]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-06-05 241152]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2016-09-02 197128]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 ed2kidle;ed2k idle service; C:\Program Files (x86)\amuleC1\ed2k.exe [2016-11-16 237568]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-11-15 9728]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-03-01 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-29 13592]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-08-05 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-10-22 166432]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [2008-09-26 265216]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-10-22 278560]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-11-29 4317648]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-08-17 76888]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 TTService;TTService; C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe [2016-02-03 3274776]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-22 365600]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2016-08-26 339968]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-05-31 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2015-05-31 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-05-22 916672]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2015-05-31 438464]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-08-05 280696]
R3 hpCMSrv;HP Connection Manager 5 Service; C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe [2016-04-07 1681760]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-10-19 1102560]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-15 2195472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-11 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [2008-09-26 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-02 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-15 2130440]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Aero 7 not working, screen flickers

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< (search) first and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

SabreSK
Visitor
Posts: 10
Registered: 10 Dec 2016 16:58

Re: Aero 7 not working, screen flickers

#4 Post by SabreSK »

Thanks for the advice :)
So after running the program and the subsequent scan, it found about 50 more things to remove, which quite surprised me.
So I clicked "Clean", and it asked for a reboot followed by the deletion.
Windows now starts booting, the Win 7 password prompt appears, then the "Welcome" loading screen and... and then a black screen and a flickering mouse cursor.
I also tried Ctrl+Alt+Del and again, it showed me that initial blue screen where everything is fine; there I click "Start Task Manager" and that flickers too :D
But visually I noticed that somewhere in the background, between the flickers, Win Aero was already working, or at least it seems so to me.

I am currently in Windows Safe Mode and am attaching the log from AdwCleaner

# AdwCleaner v6.040 - *Logfile created 10/12/2016 *at 19:43:07
# *Updated on 02/12/2016 by Malwarebytes
# *Database : 2016-12-09.3 [*Server]
# *Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# *Username : Valér - VALÉR-PC
# *Running from : C:\Users\Valér\Desktop\adwcleaner_6.040.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

[-] *Service deleted: Update service
[-] *Service deleted: ed2kidle


***** [ *Folders ] *****

[-] *Folder deleted: C:\ProgramData\1d29bbd1cec9cf74
[-] *Folder deleted: C:\ProgramData\TwinpT
[-] *Folder deleted: C:\Users\Valér\AppData\Roaming\RHEng
[-] *Folder deleted: C:\ProgramData\WinSAPSvc
[#] *Folder deleted on reboot: C:\ProgramData\winsapsvc
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\WinSAPSvc
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\winsapsvc
[-] *Folder deleted: C:\Program Files (x86)\Elex-tech
[-] *Folder deleted: C:\Program Files (x86)\WinArcher
[-] *Folder deleted: C:\Program Files (x86)\UvConverter
[#] *Folder deleted on reboot: C:\Program Files (x86)\winarcher
[-] *Folder deleted: C:\Users\Valér\AppData\Roaming\Profiles\yzzfdyu4.default
[-] *Folder deleted: C:\Program Files (x86)\Firefox


***** [ *Files ] *****

[-] *File deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
[#] *File deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
[-] *File deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] *File deleted: C:\END
[#] *File deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] *File deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****

[-] *Task deleted: {9E37DA79-CA5C-4B7D-B72D-96917C9C7A56}
[-] *Task deleted: Browser Updater Task(Core)
[-] *Task deleted: WinTOOL


***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] *Key deleted: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] *Key deleted: HKU\S-1-5-21-2287402253-3476677090-3372278271-1000\Software\Conduit
[-] *Key deleted: HKU\S-1-5-21-2287402253-3476677090-3372278271-1000\Software\Mail.Ru
[-] *Key deleted: HKU\S-1-5-21-2287402253-3476677090-3372278271-1000\Software\AppDataLow\Software\Mail.Ru
[#] *Key deleted on reboot: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] *Key deleted on reboot: HKCU\Software\Conduit
[#] *Key deleted on reboot: HKCU\Software\Mail.Ru
[#] *Key deleted on reboot: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] *Key deleted: HKLM\SOFTWARE\Elex-tech
[-] *Key deleted: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] *Key deleted: HKLM\SOFTWARE\WinArcher
[#] *Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] *Key deleted on reboot: [x64] HKCU\Software\Mail.Ru
[#] *Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] *Key deleted: [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[-] *Key deleted: HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
[-] *Value deleted: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]


***** [ *Browsers ] *****

[-] *Firefox preferences cleaned: "browser.search.searchengine.iconURL" - "hxxp://www.nicesearches.com/favicon.ico?t=1"
[-] *Firefox preferences cleaned: "browser.search.searchengine.name" - "nice"


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4911 *Bytes] - [10/12/2016 19:43:07]
C:\AdwCleaner\AdwCleaner[R0].txt - [4765 *Bytes] - [04/09/2014 13:10:45]
C:\AdwCleaner\AdwCleaner[S0].txt - [3948 *Bytes] - [04/09/2014 13:48:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [5004 *Bytes] - [10/12/2016 19:39:21]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5207 *Bytes] ##########

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Aero 7 not working, screen flickers

#5 Post by Rudy »

Post a new RSIT log.

SabreSK
Visitor
Posts: 10
Registered: 10 Dec 2016 16:58

Re: Aero 7 not working, screen flickers

#6 Post by SabreSK »

Sooo here is the log :)

Logfile of random's system information tool 1.14 (written by random/random)
Run by Valér at 2016-12-10 20:44:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (1%) free of 662 GB
Total RAM: 8041 MB (87% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:44:51, on 10. 12. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Valér_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [CLWCSM] "c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\HP\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [DeleteOnReboot] C:\Users\VALR~1\AppData\Local\Temp\DeleteOnReboot.bat
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[C2].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 12 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.12.0) - ABBYY Production LLC - C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Connection Manager 5 Service (hpCMSrv) - HP - C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TTService - TorrentsTime - C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14598 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 1 /status off true
"C:\Users\Valér\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core.job - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA.job - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\{012BD281-426F-445C-B0C1-D32EBD02BA65} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe"
C:\Windows\system32\tasks\{0822B448-76DA-4EDC-8CD2-E40AB110A6B2} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{0F5674BF-CCAE-4EAA-B116-F8F39E21A044} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{1ECF0B54-F25C-4E40-B293-6D17DE6B12BB} - C:\Windows\system32\pcalua.exe -a G:\sp61626(1).exe -d G:\
C:\Windows\system32\tasks\{2FB86E61-CD96-4BBB-BA04-57852247F3DD} - C:\Windows\system32\pcalua.exe -a G:\sp61617.exe -d G:\
C:\Windows\system32\tasks\{392FC1EA-9085-41A7-84F1-E3D8F3E9CCA2} - C:\Windows\system32\pcalua.exe -a G:\sp60818.exe -d G:\
C:\Windows\system32\tasks\{3ACE0C19-6935-48D0-ADAB-F8F7AD80F2B5} - C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
C:\Windows\system32\tasks\{49C2090E-9A2C-4DC4-A47A-E1647581DE70} - C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\tasks\{81694313-2788-4491-B6D8-2D019B82436E} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Downloads\sp70001.exe -d C:\Users\Valér\Downloads
C:\Windows\system32\tasks\{927DC5D2-0B8A-4782-B7F0-CAC4758D42F7} - C:\Program Files\Tor Browser\Browser\firefox.exe
C:\Windows\system32\tasks\{A9B3C804-6BD1-4420-AD22-C878F5E579D2} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Desktop\Ignition\Setup.exe -d C:\Users\Valér\Desktop\Ignition
C:\Windows\system32\tasks\{A9CC20F5-DCF0-4830-9C44-F1547B1EC329} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\NetBeans 8.1\uninstall.exe"
C:\Windows\system32\tasks\{B40C2322-310B-4F56-96B1-68C03116E6E2} - C:\Windows\system32\pcalua.exe -a G:\sp61518.exe -d G:\
C:\Windows\system32\tasks\{BA6D0196-2E65-41CE-AC42-5AF0259D7652} - C:\Windows\system32\pcalua.exe -a G:\sp61498.exe -d G:\
C:\Windows\system32\tasks\{BA6E38A0-AF73-4374-B543-0E153D84EED2} - C:\Windows\system32\pcalua.exe -a G:\sp61047.exe -d G:\
C:\Windows\system32\tasks\{C1B4525B-13D7-43D9-8423-6E588A66778B} - C:\Windows\system32\pcalua.exe -a G:\sp61614.exe -d G:\
C:\Windows\system32\tasks\{CEDCDBA2-9AC7-470A-8C7C-068DAC5B5A57} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe" -c /M{D71DF8CD-34E5-43E9-93A6-379BA92C1B9A}
C:\Windows\system32\tasks\{D022E0E9-ED75-4443-8224-D00962120C1F} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D48B5ED5-93EC-4C1E-821F-0F8F4DF9B9B9} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D96C766B-E285-4D54-8EAD-1B98487182AB} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -d "C:\Program Files (x86)\Seznam.cz\distribution"
C:\Windows\system32\tasks\{E2F63821-E59C-45E8-8056-3FB34DF1BA97} - C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe"
C:\Windows\system32\tasks\{E62B774A-143F-4FF7-8EF1-E0F0436A38AF} - C:\Windows\system32\pcalua.exe -a G:\sp62348.exe -d G:\
C:\Windows\system32\tasks\{EE869CEE-957B-4FDC-B629-5304FE1A4598} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Downloads\sp77113.exe -d C:\Users\Valér\Downloads
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349

"wrc@avast.com"=C:\Program Files\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.112.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.112.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npdjvu.dll
npexview.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\addons.json

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox - extension - firefox@prehliadac.sk - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\firefox@prehliadac.sk
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\Avast\SafePrice\FF

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\pluginreg.dat
Plugin - AdobeAAMDetect - 1.0.0.0 - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave for Director - 12.2.5.195 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - TTPlugin - 1.0.0.0 - C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll
Plugin - Facebook Video Calling Plugin - 3.1.0.521 - C:\Users\Valér\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

=========Google Chrome=========

C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.12.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension elicpjhcidhpjomhibiffojpinpmmpil 0 Video Downloader professional 1.97.54
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 0 AdBlock 3.7.0
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.124
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 0 Application Launcher for Drive (by Google) 3.2
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mlomiejdfkolichcflejclcbmpeaniij 0 Ghostery 7.1.0.49
Extension nbhibnjbbdkflfklbdpgbifkhcielgcm 0 Merge PDF - Smallpdf.com 1.0.0.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-06 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-06 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-25 2774256]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2016-11-29 2786768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"=NA []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-19 8455960]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner\AdwCleaner[C2].txt [2016-12-10 1377]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR12]
C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [2015-03-30 1472312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\f.lux]
C:\Users\Valér\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-03-11 77088]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-01-31 337184]
"CLWCSM"=c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [2013-02-20 249096]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-12-20 291280]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-21 111136]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-11-21 493088]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"KMCONFIG"=C:\Program Files (x86)\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2016-11-15 9080768]
"HPConnectionManager"=C:\Program Files (x86)\HP\HP Connection Manager\HPCMDelayStart.exe [2016-04-07 235872]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-06-05 642816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"DeleteOnReboot"=C:\Users\VALR~1\AppData\Local\Temp\DeleteOnReboot.bat [2016-12-10 790]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-12-10 20:04:31 ----A---- C:\Windows\ntbtlog.txt
2016-12-10 16:53:07 ----D---- C:\Program Files\trend micro
2016-12-10 16:53:06 ----D---- C:\rsit
2016-12-10 16:04:48 ----D---- C:\FRST
2016-12-10 04:38:08 ----D---- C:\ProgramData\ATI
2016-12-10 04:23:17 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-10 04:23:14 ----D---- C:\Program Files (x86)\AMD APP
2016-12-10 04:22:23 ----D---- C:\Program Files (x86)\ATI Technologies
2016-12-10 04:22:23 ----A---- C:\Windows\SYSWOW64\atipblup.dat
2016-12-10 04:22:23 ----A---- C:\Windows\system32\atipblup.dat
2016-12-10 03:30:18 ----A---- C:\Windows\SYSWOW64\SET88D0.tmp
2016-12-10 02:16:12 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys
2016-12-10 00:59:24 ----D---- C:\ProgramData\HitmanPro
2016-12-10 00:45:11 ----A---- C:\Windows\system32\drivers\SETBE8D.tmp
2016-12-10 00:02:37 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2016-12-10 00:02:24 ----A---- C:\Windows\system32\drivers\farflt.sys
2016-12-10 00:02:23 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-12-10 00:02:20 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-12-10 00:02:13 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-12-10 00:01:45 ----A---- C:\Windows\system32\drivers\mbae64.sys
2016-12-10 00:01:41 ----D---- C:\Program Files\Malwarebytes
2016-12-09 19:07:37 ----A---- C:\Windows\system32\drivers\zam64.sys
2016-12-09 19:07:35 ----A---- C:\Windows\system32\drivers\zamguard64.sys
2016-12-09 12:51:25 ----D---- C:\Program Files (x86)\amuleC1
2016-12-09 12:47:10 ----D---- C:\Program Files (x86)\2me4rbwg
2016-12-09 11:28:48 ----D---- C:\Users\Valér\AppData\Roaming\gjdgj
2016-12-09 11:28:44 ----D---- C:\Users\Valér\AppData\Roaming\aMule
2016-12-08 00:47:09 ----D---- C:\Program Files (x86)\qx2r52dp
2016-12-08 00:22:43 ----D---- C:\Program Files (x86)\rut07zcq
2016-12-06 02:02:38 ----D---- C:\Users\Valér\AppData\Roaming\Airytec
2016-12-06 02:02:35 ----D---- C:\Program Files\Airytec
2016-12-06 00:33:13 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-06 00:27:01 ----D---- C:\Program Files\Java
2016-12-02 04:47:26 ----D---- C:\ProgramData\wintools
2016-12-02 04:47:10 ----D---- C:\Program Files (x86)\unv9g81h
2016-12-01 02:47:10 ----D---- C:\Program Files (x86)\kxm7b8yy
2016-12-01 00:47:10 ----D---- C:\Program Files (x86)\nbkb81q2
2016-11-30 21:15:28 ----D---- C:\Program Files (x86)\o0a1z2iz
2016-11-30 15:00:07 ----D---- C:\Program Files (x86)\9xs4g3d0
2016-11-30 08:47:10 ----D---- C:\Program Files (x86)\urg59zxb
2016-11-30 08:28:51 ----D---- C:\Program Files (x86)\614y4z2q
2016-11-28 12:49:54 ----D---- C:\Program Files\CyberGhost 6
2016-11-28 12:46:20 ----D---- C:\Program Files\CyberGhost 5
2016-11-28 03:11:19 ----D---- C:\Program Files\CyberGhost VPN
2016-11-27 21:02:05 ----D---- C:\Users\Valér\AppData\Roaming\HP
2016-11-27 20:59:50 ----D---- C:\Program Files (x86)\HP
2016-11-27 20:56:42 ----D---- C:\Program Files\Microsoft SQL Server
2016-11-27 20:56:42 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-11-27 20:56:42 ----D---- C:\Program Files (x86)\Microsoft SDKs
2016-11-27 19:58:44 ----A---- C:\Windows\SYSWOW64\SET63C1.tmp
2016-11-27 19:16:48 ----A---- C:\Windows\system32\drivers\semav6msr64.sys
2016-11-27 19:10:29 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-11-27 19:10:29 ----A---- C:\Windows\system32\wksprt.exe
2016-11-27 19:10:29 ----A---- C:\Windows\system32\mstscax.dll
2016-11-27 19:10:28 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-11-27 19:10:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-11-27 19:10:28 ----A---- C:\Windows\system32\tsgqec.dll
2016-11-27 19:10:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-11-27 18:55:36 ----A---- C:\Windows\system32\SET9714.tmp
2016-11-27 16:37:44 ----A---- C:\Windows\system32\rdpudd.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\rdpcorets.dll
2016-11-27 16:37:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-11-27 16:20:13 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-27 15:44:13 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-11-27 15:33:55 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-11-27 15:33:55 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-11-27 15:33:55 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-11-27 15:33:55 ----A---- C:\Windows\system32\vulkan-1.dll
2016-11-27 15:33:53 ----D---- C:\Program Files (x86)\VulkanRT
2016-11-25 00:12:36 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-25 00:12:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-25 00:12:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-25 00:12:32 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-11-25 00:12:27 ----A---- C:\Windows\system32\wksprtPS.dll
2016-11-25 00:12:27 ----A---- C:\Windows\system32\mstsc.exe
2016-11-25 00:12:27 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-11-25 00:08:46 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2016-11-25 00:08:38 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2016-11-25 00:08:38 ----A---- C:\Windows\system32\rdpendp_winip.dll
2016-11-23 22:31:36 ----A---- C:\Windows\system32\icaapi.dll
2016-11-23 22:31:35 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-11-23 22:30:57 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-11-23 22:30:56 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-11-23 22:30:56 ----A---- C:\Windows\system32\nlsbres.dll
2016-11-12 23:11:30 ----D---- C:\Counter-Strike
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-11 22:18:56 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-11 22:18:52 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\vbscript.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\srcore.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\srclient.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\schannel.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\rstrui.exe
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript9.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\msobjs.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\msaudite.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\auditpol.exe
2016-11-11 22:18:46 ----A---- C:\Windows\system32\adtschema.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\wininet.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\webcheck.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\urlmon.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\tzres.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\sspicli.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\secur32.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\occache.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\msrating.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtml.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\lsass.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\inseng.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieui.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iesetup.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iertutil.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iernonce.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieframe.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-11 22:18:45 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-11 22:18:44 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-11 22:18:44 ----A---- C:\Windows\system32\certcli.dll
2016-11-11 22:18:44 ----A---- C:\Windows\system32\advapi32.dll
2016-11-11 22:00:13 ----A---- C:\Windows\system32\win32k.sys
2016-11-11 22:00:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-11 22:00:10 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-11 22:00:09 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\win32spl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\ntdll.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-11 22:00:08 ----A---- C:\Windows\system32\clfs.sys
2016-11-11 22:00:08 ----A---- C:\Windows\system32\atmfd.dll
2016-11-11 22:00:07 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\msctf.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-11 22:00:04 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-11 22:00:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-11 22:00:01 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-11 22:00:00 ----A---- C:\Windows\system32\input.dll
2016-11-11 22:00:00 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-11 21:59:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-11 21:59:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\wdigest.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\smss.exe
2016-11-11 21:59:54 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\lpk.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\kernel32.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\kerberos.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\INETRES.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\fontsub.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-11 21:59:54 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64win.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\winsrv.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-11 21:59:53 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-11 21:59:53 ----A---- C:\Windows\system32\dciman32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\credssp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\conhost.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\atmlib.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidapi.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-11 21:59:51 ----A---- C:\Windows\system32\apisetschema.dll

======List of files/folders modified in the last 1 month======

2016-12-10 20:40:55 ----D---- C:\Program Files (x86)\Hi-Rez Studios
2016-12-10 20:40:11 ----A---- C:\Windows\SYSWOW64\bscs.ini
2016-12-10 20:39:15 ----D---- C:\Windows
2016-12-10 20:36:40 ----D---- C:\ProgramData\VMware
2016-12-10 20:34:40 ----D---- C:\AdwCleaner
2016-12-10 20:34:37 ----D---- C:\Windows\System32
2016-12-10 19:50:08 ----D---- C:\Windows\Temp
2016-12-10 19:50:07 ----A---- C:\Windows\SYSWOW64\log.txt
2016-12-10 19:45:18 ----D---- C:\Windows\SysWOW64
2016-12-10 19:42:54 ----D---- C:\Windows\system32\Tasks
2016-12-10 19:42:51 ----D---- C:\Windows\system32\log
2016-12-10 19:42:50 ----RD---- C:\Program Files (x86)
2016-12-10 19:42:33 ----D---- C:\Users\Valér\AppData\Roaming\Profiles
2016-12-10 19:41:52 ----HD---- C:\ProgramData
2016-12-10 19:41:41 ----D---- C:\Users\Valér\AppData\Roaming\vlc
2016-12-10 18:32:42 ----D---- C:\Windows\inf
2016-12-10 18:32:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-10 18:24:09 ----D---- C:\Windows\system32\config
2016-12-10 17:49:55 ----D---- C:\Windows\system32\catroot
2016-12-10 17:32:31 ----D---- C:\Windows\Microsoft.NET
2016-12-10 17:16:16 ----SHD---- C:\Config.Msi
2016-12-10 17:14:00 ----SHD---- C:\Windows\Installer
2016-12-10 17:12:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-10 17:10:02 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-10 17:10:02 ----D---- C:\Windows\system32\en-US
2016-12-10 16:53:07 ----D---- C:\Program Files
2016-12-10 15:42:27 ----D---- C:\Windows\system32\catroot2
2016-12-10 15:10:47 ----D---- C:\Windows\registration
2016-12-10 14:42:59 ----D---- C:\Users\Valér\AppData\Roaming\Skype
2016-12-10 14:39:20 ----D---- C:\Windows\system32\drivers
2016-12-10 04:31:19 ----D---- C:\Program Files (x86)\Intel
2016-12-10 04:29:33 ----D---- C:\Windows\system32\DriverStore
2016-12-10 04:27:28 ----D---- C:\Intel
2016-12-10 04:23:19 ----D---- C:\ProgramData\AMD
2016-12-10 04:23:11 ----D---- C:\Program Files (x86)\Common Files
2016-12-10 04:22:48 ----D---- C:\Program Files\ATI Technologies
2016-12-10 03:20:02 ----SHD---- C:\System Volume Information
2016-12-10 03:19:56 ----D---- C:\Program Files\AMD
2016-12-10 02:43:15 ----D---- C:\SWSetup
2016-12-10 00:01:41 ----D---- C:\ProgramData\Malwarebytes
2016-12-09 19:16:56 ----D---- C:\Program Files (x86)\Jumpstart
2016-12-09 14:33:12 ----D---- C:\Users\Valér\AppData\Roaming\uTorrent
2016-12-09 10:52:13 ----D---- C:\Windows\Prefetch
2016-12-06 00:39:28 ----D---- C:\Program Files (x86)\Steam
2016-12-06 00:34:22 ----D---- C:\ProgramData\Oracle
2016-12-02 10:39:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-02 10:39:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-01 12:29:47 ----D---- C:\Users\Valér\AppData\Roaming\TeamViewer
2016-12-01 12:29:47 ----D---- C:\Users\Valér\AppData\Roaming\DAEMON Tools Lite
2016-12-01 12:29:40 ----D---- C:\Windows\Logs
2016-12-01 12:29:40 ----D---- C:\Windows\debug
2016-12-01 11:12:35 ----D---- C:\Program Files\Avast
2016-12-01 07:35:32 ----D---- C:\Program Files (x86)\TeamViewer
2016-11-30 23:08:05 ----D---- C:\Windows\system32\NDF
2016-11-27 21:00:07 ----D---- C:\ProgramData\HP
2016-11-27 20:59:43 ----RSD---- C:\Windows\assembly
2016-11-27 20:59:42 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-11-27 19:39:46 ----D---- C:\Windows\winsxs
2016-11-27 19:27:45 ----D---- C:\ProgramData\Package Cache
2016-11-27 19:27:45 ----D---- C:\Program Files\Intel
2016-11-27 18:32:29 ----D---- C:\AMD
2016-11-27 16:38:49 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-11-27 16:38:49 ----D---- C:\Windows\system32\sk-SK
2016-11-27 15:38:48 ----D---- C:\Program Files (x86)\AMD
2016-11-25 11:22:31 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-25 11:22:31 ----D---- C:\Windows\system32\wbem
2016-11-25 11:22:31 ----D---- C:\Windows\system32\drivers\en-US
2016-11-25 11:22:31 ----D---- C:\Windows\PolicyDefinitions
2016-11-23 22:43:05 ----RSD---- C:\Windows\Fonts
2016-11-23 22:32:21 ----A---- C:\Windows\SYSWOW64\REMOTEDEVICE.INI
2016-11-23 22:29:30 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2016-11-23 22:29:25 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2016-11-22 22:35:20 ----D---- C:\ProgramData\Skype
2016-11-22 22:35:05 ----RD---- C:\Program Files (x86)\Skype
2016-11-12 21:56:28 ----D---- C:\Program Files (x86)\Counter-Strike 1.6
2016-11-11 22:23:26 ----D---- C:\Windows\SYSWOW64\migration
2016-11-11 22:23:26 ----D---- C:\Program Files\Internet Explorer
2016-11-11 22:23:26 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-11 22:23:22 ----D---- C:\Windows\system32\migration
2016-11-11 22:23:16 ----D---- C:\Windows\AppPatch
2016-11-11 22:23:15 ----D---- C:\Windows\system32\Boot
2016-11-11 14:59:36 ----D---- C:\Windows\system32\MRT
2016-11-11 14:47:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-11 14:47:38 ----D---- C:\Windows\system32\Macromed
2016-11-11 14:47:34 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-10-12 36520]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2013-03-01 30520]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-12-04 20024]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-12-10 250816]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; SysWOW64\speedfan.sys []
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-05-21 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-02 103064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-26 283064]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2008-05-15 26624]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2013-03-01 43320]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-01-28 25912]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-12-04 358456]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-12-04 791608]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-12 62784]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2014-12-31 2486416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-02-26 819784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-25 524016]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-05-31 33472]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-05-31 28864]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-02 74544]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
S1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2016-11-29 77408]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-02 108816]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-02 163416]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-22 55488]
S2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2016-12-10 176064]
S2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-05-31 48832]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-05-31 26816]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2015-05-31 66752]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-06-05 11612672]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-06-05 578048]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-02 37656]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2012-12-19 33968]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-12-05 49632]
S3 clwcsm;CyberLink Webcam Sharing Manager 4.2; C:\Windows\system32\DRIVERS\clwcsm.sys [2013-02-19 42432]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2016-12-10 54736]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-08-05 3802600]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-08-05 463112]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2007-03-29 30472]
S3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2016-12-10 43968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 rtbth;RTBTH Bluetooth Device Driver; C:\Windows\system32\DRIVERS\rtbth.sys [2012-10-09 692832]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-10-25 34544]
S3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2013-02-22 1446904]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-11-29 4317648]
S2 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [2014-01-23 925904]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-06-05 241152]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2016-09-02 197128]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
S2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-11-15 9728]
S2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-03-01 43320]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-29 13592]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-08-05 319096]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-10-22 166432]
S2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [2008-09-26 265216]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-10-22 278560]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-15 2195472]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-08-17 76888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
S2 TTService;TTService; C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe [2016-02-03 3274776]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-22 365600]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-05-31 87744]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2015-05-31 359104]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-05-22 916672]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2015-05-31 438464]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-11 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-08-05 280696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpCMSrv;HP Connection Manager 5 Service; C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe [2016-04-07 1681760]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-10-19 1102560]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [2008-09-26 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-02 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-15 2130440]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Aero 7 not working, screen flickering

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:files
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\drivers\SETBE8D.tmp
C:\Program Files (x86)\qx2r52dp
C:\Program Files (x86)\rut07zcq
C:\Program Files (x86)\unv9g81h
C:\Program Files (x86)\kxm7b8yy
C:\Program Files (x86)\nbkb81q2
C:\Program Files (x86)\9xs4g3d0
C:\Program Files (x86)\urg59zxb
C:\Program Files (x86)\614y4z2q
C:\Windows\SYSWOW64\SET63C1.tmp
C:\Windows\system32\SET9714.tmp
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.

SabreSK
Visitor
Posts: 10
Registered: 10 Dec 2016 16:58

Re: Aero 7 not working, screen flickering

#8 Post by SabreSK »

So, here is the OTM log:

All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core not found.
File/Folder C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA not found.
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore not found.
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA not found.
File/Folder C:\Windows\system32\drivers\SETBE8D.tmp not found.
C:\Program Files (x86)\qx2r52dp\{C9862E1F-BBF2-4AD0-9557-74E47D52DF73} folder moved successfully.
C:\Program Files (x86)\qx2r52dp folder moved successfully.
C:\Program Files (x86)\rut07zcq folder moved successfully.
C:\Program Files (x86)\unv9g81h folder moved successfully.
C:\Program Files (x86)\kxm7b8yy folder moved successfully.
C:\Program Files (x86)\nbkb81q2 folder moved successfully.
C:\Program Files (x86)\9xs4g3d0 folder moved successfully.
C:\Program Files (x86)\urg59zxb folder moved successfully.
C:\Program Files (x86)\614y4z2q folder moved successfully.
C:\Windows\SYSWOW64\SET63C1.tmp moved successfully.
File/Folder C:\Windows\system32\SET9714.tmp not found.
File/Folder C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat not found.
File/Folder C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest

User: HomeGroupUser$

User: Public

User: Valér
->Temp folder emptied: 133040528 bytes
->Temporary Internet Files folder emptied: 3650617 bytes
->Java cache emptied: 130064853 bytes
->FireFox cache emptied: 172862651 bytes
->Google Chrome cache emptied: 160371067 bytes
->Flash cache emptied: 2282 bytes

User: Valér

User: Val‚r

User: Val�r

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 31133720 bytes
%systemroot%\System32 (64bit) .tmp files removed: 120438016 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 266061530 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 732 bytes
RecycleBin emptied: 72574040 bytes

Total Files Cleaned = 1 040,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Guest

User: HomeGroupUser$

User: Public

User: Valér
->Flash cache emptied: 0 bytes

User: Valér

User: Val‚r

User: Val�r

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12102016_214925

Files moved on Reboot...
File move failed. C:\Users\Valér\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File move failed. C:\Users\Valér\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...
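
Added example, not part of the thread and not OTM's own code: the Python below reconciles a fix script with the OTM result log, so a helper can see which listed items were still present when the fix ran and which were already gone. The sample data is a shortened excerpt of the script and log posted above; the function names, the outcome labels and the line patterns (inferred only from the log lines shown in this thread) are assumptions of this example.

```python
import re
from collections import Counter

# Shortened excerpt of the fix script posted in this thread.
FIX_SCRIPT = r"""
:files
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\qx2r52dp
C:\Windows\SYSWOW64\SET63C1.tmp
C:\Windows\system32\SET9714.tmp

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64

:commands
[Emptytemp]
"""

# Matching excerpt of the OTM result log posted in this thread.
OTM_LOG = r"""
All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore not found.
C:\Program Files (x86)\qx2r52dp\{C9862E1F-BBF2-4AD0-9557-74E47D52DF73} folder moved successfully.
C:\Program Files (x86)\qx2r52dp folder moved successfully.
C:\Windows\SYSWOW64\SET63C1.tmp moved successfully.
File/Folder C:\Windows\system32\SET9714.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
"""

def parse_script(text):
    """Return the targets a fix script names, as (kind, target) pairs in order."""
    targets, section, key = [], None, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if line.startswith(":"):                 # :files, :reg, :commands
            section, key = line[1:].lower(), None
        elif section == "files":
            targets.append(("file", line))
        elif section == "reg":
            m = re.match(r"\[(-?)(.+?)\](?:/64)?$", line)
            if m:
                key = m.group(2)
                if m.group(1):                   # [-KEY] removes the whole key
                    targets.append(("key", key))
                    key = None
            elif key and line.endswith("=-"):    # "Name"=- removes one value
                targets.append(("value", key + "\\\\" + line[:-2].strip('"')))
    return targets

def parse_log(text):
    """Map (kind, case-folded target) -> outcome for each result line in the log."""
    results = {}
    for line in (l.strip() for l in text.splitlines()):
        m = re.match(r"File/Folder (.+) not found\.$", line)
        if m:
            results[("file", m.group(1).casefold())] = "not found"
            continue
        m = re.match(r"(?:64bit-)?Registry (value|key) (.+?)\\? "
                     r"(deleted successfully|not found)\.$", line)
        if m:
            outcome = "deleted" if m.group(3).startswith("deleted") else "not found"
            results[(m.group(1), m.group(2).casefold())] = outcome
            continue
        m = re.match(r"File move failed\. (.+) scheduled to be moved on reboot\.$", line)
        if m:
            results[("file", m.group(1).casefold())] = "pending reboot"
            continue
        m = re.match(r"(.+?)(?: folder)? moved successfully\.$", line)
        if m:
            results[("file", m.group(1).casefold())] = "moved"
    return results

def reconcile(script, log):
    """List (kind, target, outcome); 'unreported' means the log has no line for it."""
    results = parse_log(log)
    # Windows paths and registry keys are case-insensitive, so compare case-folded.
    return [(k, t, results.get((k, t.casefold()), "unreported"))
            for k, t in parse_script(script)]

def summarize(rows):
    """Count outcomes across all reconciled targets."""
    return dict(Counter(outcome for _, _, outcome in rows))

if __name__ == "__main__":
    rows = reconcile(FIX_SCRIPT, OTM_LOG)
    for kind, target, outcome in rows:
        print(f"{outcome:<14} {kind:<5} {target}")
    print(summarize(rows))
```

Entries reported as "not found" were already absent when the fix ran, while "moved" and "deleted" entries were still on the system at that point.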

SabreSK
Visitor
Posts: 10
Registered: 10 Dec 2016 16:58

Re: Aero 7 not working, screen flickering

#9 Post by SabreSK »

And the RSIT log...

yeah, aaand the screen is still flickering like that :/

Logfile of random's system information tool 1.14 (written by random/random)
Run by Valér at 2016-12-10 22:00:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (1%) free of 662 GB
Total RAM: 8041 MB (86% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:58, on 10. 12. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Valér_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [CLWCSM] "c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\HP\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [DeleteOnReboot] C:\Users\VALR~1\AppData\Local\Temp\DeleteOnReboot.bat
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[C2].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 12 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.12.0) - ABBYY Production LLC - C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Connection Manager 5 Service (hpCMSrv) - HP - C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TTService - TorrentsTime - C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14343 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 1 /status off true
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\12102016_214925.log
"C:\Users\Valér\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core.job - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA.job - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000Core - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2287402253-3476677090-3372278271-1000UA - C:\Users\Valér\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\{012BD281-426F-445C-B0C1-D32EBD02BA65} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe"
C:\Windows\system32\tasks\{0822B448-76DA-4EDC-8CD2-E40AB110A6B2} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{0F5674BF-CCAE-4EAA-B116-F8F39E21A044} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{1ECF0B54-F25C-4E40-B293-6D17DE6B12BB} - C:\Windows\system32\pcalua.exe -a G:\sp61626(1).exe -d G:\
C:\Windows\system32\tasks\{2FB86E61-CD96-4BBB-BA04-57852247F3DD} - C:\Windows\system32\pcalua.exe -a G:\sp61617.exe -d G:\
C:\Windows\system32\tasks\{392FC1EA-9085-41A7-84F1-E3D8F3E9CCA2} - C:\Windows\system32\pcalua.exe -a G:\sp60818.exe -d G:\
C:\Windows\system32\tasks\{3ACE0C19-6935-48D0-ADAB-F8F7AD80F2B5} - C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
C:\Windows\system32\tasks\{49C2090E-9A2C-4DC4-A47A-E1647581DE70} - C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\tasks\{81694313-2788-4491-B6D8-2D019B82436E} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Downloads\sp70001.exe -d C:\Users\Valér\Downloads
C:\Windows\system32\tasks\{927DC5D2-0B8A-4782-B7F0-CAC4758D42F7} - C:\Program Files\Tor Browser\Browser\firefox.exe
C:\Windows\system32\tasks\{A9B3C804-6BD1-4420-AD22-C878F5E579D2} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Desktop\Ignition\Setup.exe -d C:\Users\Valér\Desktop\Ignition
C:\Windows\system32\tasks\{A9CC20F5-DCF0-4830-9C44-F1547B1EC329} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\NetBeans 8.1\uninstall.exe"
C:\Windows\system32\tasks\{B40C2322-310B-4F56-96B1-68C03116E6E2} - C:\Windows\system32\pcalua.exe -a G:\sp61518.exe -d G:\
C:\Windows\system32\tasks\{BA6D0196-2E65-41CE-AC42-5AF0259D7652} - C:\Windows\system32\pcalua.exe -a G:\sp61498.exe -d G:\
C:\Windows\system32\tasks\{BA6E38A0-AF73-4374-B543-0E153D84EED2} - C:\Windows\system32\pcalua.exe -a G:\sp61047.exe -d G:\
C:\Windows\system32\tasks\{C1B4525B-13D7-43D9-8423-6E588A66778B} - C:\Windows\system32\pcalua.exe -a G:\sp61614.exe -d G:\
C:\Windows\system32\tasks\{CEDCDBA2-9AC7-470A-8C7C-068DAC5B5A57} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe" -c /M{D71DF8CD-34E5-43E9-93A6-379BA92C1B9A}
C:\Windows\system32\tasks\{D022E0E9-ED75-4443-8224-D00962120C1F} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D48B5ED5-93EC-4C1E-821F-0F8F4DF9B9B9} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D96C766B-E285-4D54-8EAD-1B98487182AB} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -d "C:\Program Files (x86)\Seznam.cz\distribution"
C:\Windows\system32\tasks\{E2F63821-E59C-45E8-8056-3FB34DF1BA97} - C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe"
C:\Windows\system32\tasks\{E62B774A-143F-4FF7-8EF1-E0F0436A38AF} - C:\Windows\system32\pcalua.exe -a G:\sp62348.exe -d G:\
C:\Windows\system32\tasks\{EE869CEE-957B-4FDC-B629-5304FE1A4598} - C:\Windows\system32\pcalua.exe -a C:\Users\Valér\Downloads\sp77113.exe -d C:\Users\Valér\Downloads
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349

"wrc@avast.com"=C:\Program Files\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.112.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.112.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npdjvu.dll
npexview.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\addons.json

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox - extension - firefox@prehliadac.sk - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\firefox@prehliadac.sk
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\Avast\SafePrice\FF

C:\Users\Valér\AppData\Roaming\Mozilla\Firefox\Profiles\ntvvxtlc.default-1481387004349\pluginreg.dat
Plugin - AdobeAAMDetect - 1.0.0.0 - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave for Director - 12.2.5.195 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - TTPlugin - 1.0.0.0 - C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll
Plugin - Facebook Video Calling Plugin - 3.1.0.521 - C:\Users\Valér\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

=========Google Chrome=========

C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.12.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension elicpjhcidhpjomhibiffojpinpmmpil 0 Video Downloader professional 1.97.54
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 0 AdBlock 3.7.0
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.124
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 0 Application Launcher for Drive (by Google) 3.2
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mlomiejdfkolichcflejclcbmpeaniij 0 Ghostery 7.1.0.49
Extension nbhibnjbbdkflfklbdpgbifkhcielgcm 0 Merge PDF - Smallpdf.com 1.0.0.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\Valér\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-25 2774256]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"Malwarebytes TrayApp"=C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2016-11-29 2786768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"=NA []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-19 8455960]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner\AdwCleaner[C2].txt [2016-12-10 1377]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR12]
C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [2015-03-30 1472312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\f.lux]
C:\Users\Valér\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-03-11 77088]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-01-31 337184]
"CLWCSM"=c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [2013-02-20 249096]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-12-20 291280]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-21 111136]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-11-21 493088]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"KMCONFIG"=C:\Program Files (x86)\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2016-11-15 9080768]
"HPConnectionManager"=C:\Program Files (x86)\HP\HP Connection Manager\HPCMDelayStart.exe [2016-04-07 235872]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-06-05 642816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"DeleteOnReboot"=C:\Users\VALR~1\AppData\Local\Temp\DeleteOnReboot.bat []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-12-10 21:49:25 ----D---- C:\_OTM
2016-12-10 20:04:31 ----A---- C:\Windows\ntbtlog.txt
2016-12-10 16:53:07 ----D---- C:\Program Files\trend micro
2016-12-10 16:53:06 ----D---- C:\rsit
2016-12-10 16:04:48 ----D---- C:\FRST
2016-12-10 04:38:08 ----D---- C:\ProgramData\ATI
2016-12-10 04:23:17 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-10 04:23:14 ----D---- C:\Program Files (x86)\AMD APP
2016-12-10 04:22:23 ----D---- C:\Program Files (x86)\ATI Technologies
2016-12-10 04:22:23 ----A---- C:\Windows\SYSWOW64\atipblup.dat
2016-12-10 04:22:23 ----A---- C:\Windows\system32\atipblup.dat
2016-12-10 02:16:12 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys
2016-12-10 00:59:24 ----D---- C:\ProgramData\HitmanPro
2016-12-10 00:45:11 ----A---- C:\Windows\system32\drivers\SETBE8D.tmp
2016-12-10 00:02:37 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2016-12-10 00:02:24 ----A---- C:\Windows\system32\drivers\farflt.sys
2016-12-10 00:02:23 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-12-10 00:02:20 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-12-10 00:02:13 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-12-10 00:01:45 ----A---- C:\Windows\system32\drivers\mbae64.sys
2016-12-10 00:01:41 ----D---- C:\Program Files\Malwarebytes
2016-12-09 19:07:37 ----A---- C:\Windows\system32\drivers\zam64.sys
2016-12-09 19:07:35 ----A---- C:\Windows\system32\drivers\zamguard64.sys
2016-12-09 12:51:25 ----D---- C:\Program Files (x86)\amuleC1
2016-12-09 12:47:10 ----D---- C:\Program Files (x86)\2me4rbwg
2016-12-09 11:28:48 ----D---- C:\Users\Valér\AppData\Roaming\gjdgj
2016-12-09 11:28:44 ----D---- C:\Users\Valér\AppData\Roaming\aMule
2016-12-06 02:02:38 ----D---- C:\Users\Valér\AppData\Roaming\Airytec
2016-12-06 02:02:35 ----D---- C:\Program Files\Airytec
2016-12-06 00:33:13 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-06 00:27:01 ----D---- C:\Program Files\Java
2016-12-02 04:47:26 ----D---- C:\ProgramData\wintools
2016-11-30 21:15:28 ----D---- C:\Program Files (x86)\o0a1z2iz
2016-11-28 12:49:54 ----D---- C:\Program Files\CyberGhost 6
2016-11-28 12:46:20 ----D---- C:\Program Files\CyberGhost 5
2016-11-28 03:11:19 ----D---- C:\Program Files\CyberGhost VPN
2016-11-27 21:02:05 ----D---- C:\Users\Valér\AppData\Roaming\HP
2016-11-27 20:59:50 ----D---- C:\Program Files (x86)\HP
2016-11-27 20:56:42 ----D---- C:\Program Files\Microsoft SQL Server
2016-11-27 20:56:42 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-11-27 20:56:42 ----D---- C:\Program Files (x86)\Microsoft SDKs
2016-11-27 19:16:48 ----A---- C:\Windows\system32\drivers\semav6msr64.sys
2016-11-27 19:10:29 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-11-27 19:10:29 ----A---- C:\Windows\system32\wksprt.exe
2016-11-27 19:10:29 ----A---- C:\Windows\system32\mstscax.dll
2016-11-27 19:10:28 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-11-27 19:10:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-11-27 19:10:28 ----A---- C:\Windows\system32\tsgqec.dll
2016-11-27 19:10:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\rdpudd.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-11-27 16:37:44 ----A---- C:\Windows\system32\rdpcorets.dll
2016-11-27 16:37:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-11-27 16:20:13 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-27 15:44:13 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-11-27 15:33:55 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-11-27 15:33:55 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-11-27 15:33:55 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-11-27 15:33:55 ----A---- C:\Windows\system32\vulkan-1.dll
2016-11-27 15:33:53 ----D---- C:\Program Files (x86)\VulkanRT
2016-11-25 00:12:36 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-25 00:12:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-25 00:12:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-25 00:12:32 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-11-25 00:12:27 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-11-25 00:12:27 ----A---- C:\Windows\system32\wksprtPS.dll
2016-11-25 00:12:27 ----A---- C:\Windows\system32\mstsc.exe
2016-11-25 00:12:27 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-11-25 00:08:46 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2016-11-25 00:08:38 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2016-11-25 00:08:38 ----A---- C:\Windows\system32\rdpendp_winip.dll
2016-11-23 22:31:36 ----A---- C:\Windows\system32\icaapi.dll
2016-11-23 22:31:35 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-11-23 22:30:57 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-11-23 22:30:57 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-11-23 22:30:56 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-11-23 22:30:56 ----A---- C:\Windows\system32\nlsbres.dll
2016-11-12 23:11:30 ----D---- C:\Counter-Strike
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-11 22:18:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-11 22:18:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-11 22:18:56 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-11 22:18:53 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-11 22:18:52 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\vbscript.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\srcore.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\srclient.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\schannel.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\rstrui.exe
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript9.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\jscript.dll
2016-11-11 22:18:48 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\msobjs.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\msaudite.dll
2016-11-11 22:18:46 ----A---- C:\Windows\system32\auditpol.exe
2016-11-11 22:18:46 ----A---- C:\Windows\system32\adtschema.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\wininet.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\webcheck.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\urlmon.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\tzres.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\sspicli.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\secur32.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\occache.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\msrating.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\mshtml.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\lsass.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\inseng.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieui.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iesetup.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iertutil.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iernonce.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieframe.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-11 22:18:45 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-11 22:18:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-11 22:18:45 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-11 22:18:44 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-11 22:18:44 ----A---- C:\Windows\system32\certcli.dll
2016-11-11 22:18:44 ----A---- C:\Windows\system32\advapi32.dll
2016-11-11 22:00:13 ----A---- C:\Windows\system32\win32k.sys
2016-11-11 22:00:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-11 22:00:10 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-11 22:00:09 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\win32spl.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\ntdll.dll
2016-11-11 22:00:09 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-11 22:00:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-11 22:00:08 ----A---- C:\Windows\system32\clfs.sys
2016-11-11 22:00:08 ----A---- C:\Windows\system32\atmfd.dll
2016-11-11 22:00:07 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\msctf.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-11 22:00:07 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-11 22:00:04 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-11 22:00:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-11 22:00:01 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-11 22:00:00 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-11 22:00:00 ----A---- C:\Windows\system32\input.dll
2016-11-11 22:00:00 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-11 21:59:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-11 21:59:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-11 21:59:54 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\wdigest.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\smss.exe
2016-11-11 21:59:54 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\lpk.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\kernel32.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\kerberos.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\INETRES.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\fontsub.dll
2016-11-11 21:59:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-11 21:59:54 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 21:59:53 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-11 21:59:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64win.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\wow64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\winsrv.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-11 21:59:53 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-11 21:59:53 ----A---- C:\Windows\system32\dciman32.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\credssp.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\conhost.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\atmlib.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-11 21:59:53 ----A---- C:\Windows\system32\appidapi.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 21:59:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-11 21:59:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-11 21:59:51 ----A---- C:\Windows\system32\apisetschema.dll

======List of files/folders modified in the last 1 month======

2016-12-10 21:53:57 ----D---- C:\Windows\Temp
2016-12-10 21:53:54 ----D---- C:\ProgramData\VMware
2016-12-10 21:53:10 ----D---- C:\Program Files (x86)\Hi-Rez Studios
2016-12-10 21:52:33 ----A---- C:\Windows\SYSWOW64\bscs.ini
2016-12-10 21:51:26 ----D---- C:\Windows
2016-12-10 21:50:33 ----D---- C:\Windows\System32
2016-12-10 21:50:32 ----D---- C:\Windows\SysWOW64
2016-12-10 21:49:25 ----RD---- C:\Program Files (x86)
2016-12-10 20:48:27 ----D---- C:\Users\Valér\AppData\Roaming\vlc
2016-12-10 20:34:40 ----D---- C:\AdwCleaner
2016-12-10 19:50:07 ----A---- C:\Windows\SYSWOW64\log.txt
2016-12-10 19:42:54 ----D---- C:\Windows\system32\Tasks
2016-12-10 19:42:51 ----D---- C:\Windows\system32\log
2016-12-10 19:42:33 ----D---- C:\Users\Valér\AppData\Roaming\Profiles
2016-12-10 19:41:52 ----HD---- C:\ProgramData
2016-12-10 18:32:42 ----D---- C:\Windows\inf
2016-12-10 18:32:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-10 18:24:09 ----D---- C:\Windows\system32\config
2016-12-10 17:49:55 ----D---- C:\Windows\system32\catroot
2016-12-10 17:32:31 ----D---- C:\Windows\Microsoft.NET
2016-12-10 17:16:16 ----SHD---- C:\Config.Msi
2016-12-10 17:14:00 ----SHD---- C:\Windows\Installer
2016-12-10 17:12:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-10 17:10:02 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-10 17:10:02 ----D---- C:\Windows\system32\en-US
2016-12-10 16:53:07 ----D---- C:\Program Files
2016-12-10 15:42:27 ----D---- C:\Windows\system32\catroot2
2016-12-10 15:10:47 ----D---- C:\Windows\registration
2016-12-10 14:42:59 ----D---- C:\Users\Valér\AppData\Roaming\Skype
2016-12-10 14:39:20 ----D---- C:\Windows\system32\drivers
2016-12-10 04:31:19 ----D---- C:\Program Files (x86)\Intel
2016-12-10 04:29:33 ----D---- C:\Windows\system32\DriverStore
2016-12-10 04:27:28 ----D---- C:\Intel
2016-12-10 04:23:19 ----D---- C:\ProgramData\AMD
2016-12-10 04:23:11 ----D---- C:\Program Files (x86)\Common Files
2016-12-10 04:22:48 ----D---- C:\Program Files\ATI Technologies
2016-12-10 03:20:02 ----SHD---- C:\System Volume Information
2016-12-10 03:19:56 ----D---- C:\Program Files\AMD
2016-12-10 02:43:15 ----D---- C:\SWSetup
2016-12-10 00:01:41 ----D---- C:\ProgramData\Malwarebytes
2016-12-09 19:16:56 ----D---- C:\Program Files (x86)\Jumpstart
2016-12-09 14:33:12 ----D---- C:\Users\Valér\AppData\Roaming\uTorrent
2016-12-09 10:52:13 ----D---- C:\Windows\Prefetch
2016-12-06 00:39:28 ----D---- C:\Program Files (x86)\Steam
2016-12-06 00:34:22 ----D---- C:\ProgramData\Oracle
2016-12-02 10:39:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-02 10:39:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-01 12:29:47 ----D---- C:\Users\Valér\AppData\Roaming\TeamViewer
2016-12-01 12:29:47 ----D---- C:\Users\Valér\AppData\Roaming\DAEMON Tools Lite
2016-12-01 12:29:40 ----D---- C:\Windows\Logs
2016-12-01 12:29:40 ----D---- C:\Windows\debug
2016-12-01 11:12:35 ----D---- C:\Program Files\Avast
2016-12-01 07:35:32 ----D---- C:\Program Files (x86)\TeamViewer
2016-11-30 23:08:05 ----D---- C:\Windows\system32\NDF
2016-11-27 21:00:07 ----D---- C:\ProgramData\HP
2016-11-27 20:59:43 ----RSD---- C:\Windows\assembly
2016-11-27 20:59:42 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-11-27 19:39:46 ----D---- C:\Windows\winsxs
2016-11-27 19:27:45 ----D---- C:\ProgramData\Package Cache
2016-11-27 19:27:45 ----D---- C:\Program Files\Intel
2016-11-27 18:32:29 ----D---- C:\AMD
2016-11-27 16:38:49 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-11-27 16:38:49 ----D---- C:\Windows\system32\sk-SK
2016-11-27 15:38:48 ----D---- C:\Program Files (x86)\AMD
2016-11-25 11:22:31 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-25 11:22:31 ----D---- C:\Windows\system32\wbem
2016-11-25 11:22:31 ----D---- C:\Windows\system32\drivers\en-US
2016-11-25 11:22:31 ----D---- C:\Windows\PolicyDefinitions
2016-11-23 22:43:05 ----RSD---- C:\Windows\Fonts
2016-11-23 22:32:21 ----A---- C:\Windows\SYSWOW64\REMOTEDEVICE.INI
2016-11-23 22:29:30 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2016-11-23 22:29:25 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2016-11-22 22:35:20 ----D---- C:\ProgramData\Skype
2016-11-22 22:35:05 ----RD---- C:\Program Files (x86)\Skype
2016-11-12 21:56:28 ----D---- C:\Program Files (x86)\Counter-Strike 1.6
2016-11-11 22:23:26 ----D---- C:\Windows\SYSWOW64\migration
2016-11-11 22:23:26 ----D---- C:\Program Files\Internet Explorer
2016-11-11 22:23:26 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-11 22:23:22 ----D---- C:\Windows\system32\migration
2016-11-11 22:23:16 ----D---- C:\Windows\AppPatch
2016-11-11 22:23:15 ----D---- C:\Windows\system32\Boot
2016-11-11 14:59:36 ----D---- C:\Windows\system32\MRT
2016-11-11 14:47:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-11 14:47:38 ----D---- C:\Windows\system32\Macromed
2016-11-11 14:47:34 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-10-12 36520]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2013-03-01 30520]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-12-04 20024]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-12-10 250816]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; SysWOW64\speedfan.sys []
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-05-21 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-02 103064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-26 283064]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2008-05-15 26624]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2013-03-01 43320]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-01-28 25912]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-12-04 358456]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-12-04 791608]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-12 62784]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2014-12-31 2486416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-02-26 819784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-25 524016]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-05-31 33472]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-05-31 28864]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-02 74544]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
S1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2016-11-29 77408]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-02 108816]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-02 163416]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-22 55488]
S2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2016-12-10 176064]
S2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-05-31 48832]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-05-31 26816]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2015-05-31 66752]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-06-05 11612672]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-06-05 578048]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-02 37656]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2012-12-19 33968]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-12-05 49632]
S3 clwcsm;CyberLink Webcam Sharing Manager 4.2; C:\Windows\system32\DRIVERS\clwcsm.sys [2013-02-19 42432]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2016-12-10 54736]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-08-05 3802600]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-08-05 463112]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2007-03-29 30472]
S3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2016-12-10 43968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 rtbth;RTBTH Bluetooth Device Driver; C:\Windows\system32\DRIVERS\rtbth.sys [2012-10-09 692832]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-10-25 34544]
S3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2013-02-22 1446904]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-11-29 4317648]
S2 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [2014-01-23 925904]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-06-05 241152]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2016-09-02 197128]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
S2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-11-15 9728]
S2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-03-01 43320]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-29 13592]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-08-05 319096]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-10-22 166432]
S2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [2008-09-26 265216]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-10-22 278560]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-15 2195472]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-08-17 76888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
S2 TTService;TTService; C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe [2016-02-03 3274776]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-22 365600]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-05-31 87744]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2015-05-31 359104]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-05-22 916672]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2015-05-31 438464]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-11 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-08-05 280696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpCMSrv;HP Connection Manager 5 Service; C:\Program Files (x86)\HP\HP Connection Manager\hpCMSrv.exe [2016-04-07 1681760]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-10-19 1102560]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [2008-09-26 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-02 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-15 2130440]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Aero 7 not working, screen flickers

#10 Post by Rudy »

Deleted. Now run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Aero 7 not working, screen flickers

#11 Post by SabreSK »

I tried starting Windows in normal mode and the screen still keeps flickering :( but the scan was clean

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/10/16
Scan Time: 10:28 PM
Logfile: MBAM sken.txt
Administrator: Yes

-Software Information-
Version: 3.0.0
Components Version: 1.0.0
Update Package Version: 1.0.688
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Val\u00c3\u00a9r-PC\Val\u00c3\u00a9r

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 424337
Time Elapsed: 10 min, 54 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Re: Aero 7 not working, screen flickers

#12 Post by Rudy »

The PC is free of malware. Try a System Restore to a date when it was working correctly.

Re: Aero 7 not working, screen flickers

#13 Post by SabreSK »

I tried that too, I've done everything possible with it; I also tried the /sfc scannow command in cmd and it found nothing...
I've come to the conclusion that something must be causing it after Windows starts, because the login screen is fine, it also shows "Welcome" and safe mode runs fine too.
While it was flickering I tried to get to the display properties or something like that and turn off the Aero 7 theme, and it worked.
I'm on an older theme now, but at least it no longer flickers.
But when I start Mozilla it gives me a black window. Mozilla runs, but I don't know why, it's as if it weren't graphically supported.
I don't understand what the problem is.
Of course, thank you for the steps so far :) but could you suggest anything else? I've never come across a problem like this before. :?:
Mozilla was my main browser, I also liked using Aero, and I'm also curious what else isn't working.

Thank you

Re: Aero 7 not working, screen flickers

#14 Post by Rudy »

The PC is free of malware. Assuming you have the correct graphics driver installed, also try a repair using FixIt: http://www.stahuj.centrum.cz/utility_a_ ... it-center/ , or Windows Repair: http://www.stahuj.centrum.cz/utility_a_ ... ws-repair/ .

Re: Aero 7 not working, screen flickers

#15 Post by SabreSK »

I tried disabling the AMD driver and that was probably it; after that Mozilla worked, Aero still didn't, but I tried installing the latest drivers, although I don't know whether they support Switchable Graphics...
But they work, and with them Aero and Mozilla too, from which I'm now writing quite happily :)

So thank you very much for the help with removing the vermin, and have a nice day :)

One more thing I wanted to ask: do you happen to know whether the software for switching graphics is something separate, or are drivers for each card individually enough and they switch by themselves?
Do you at least know of some software or some way to find out which graphics card is currently in use?
Thank you :)
