Zdravím, včera se mi najednou při hraní začal restartovat počítač. Dokola a dokola. Někdy se načte na plochu, ale pak se zase restartuje a nenačte se ani do přihlašovací obrazovky, aniž by se znovu nerestartoval, a nebo se dokola retartuje už při úvodní obrazovce. Zkoušel jsem vyměnit RAM paměť, vyčistit CMOS a nic. Najednou jsem zkusil nouzový režim a ten funguje, takže z toho vyplývá, že problém nebude s hardwarem, ale něco se softwarem. Dlouho jsem PC nečistil (dříve obvykle tak 1 měsíčně podle zdejších rad), tak mě napadlo že to může být nějaká havěť. Dlouho jsem sem nepsal, ale mám zkušenost že zdejší se snaží vyjít vstříc, tak to za pokus stojí. Tady vkládám log z RSIT. Děkuji moc
info.txt logfile of random's system information tool 1.14 2017-02-12 14:36:07
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9AAB87AB8700008001010007FEFFFF3F0000003716710200FEFFFF0FFEFFFF761671028A88D814000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
µTorrent [2017/02/02 18:37:47]-->"C:\Users\mat.mik\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
Acrobat.com [2015/05/20 10:51:36]-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com [20150125]-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR [2015/05/20 10:51:36]-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR [20150125]-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Reader 9 [20150125]-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AMD Wireless Display v3.0 [20150315]-->MsiExec.exe /X{4CAE37F5-A8AD-8863-C158-1484B5D807E5}
AMD Wireless Display v3.0 [20150614]-->MsiExec.exe /X{426582A8-202F-D13C-8BD5-F00551BAFC93}
AMD Wireless Display v3.0 [20150816]-->MsiExec.exe /X{630E5EF7-72F8-9E5D-BEF5-ED85B698E160}
Assassin's Creed(R) III v1.06 [20150203]-->"C:\Program Files (x86)\InstallShield Installation Information\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}\setup.exe" -runfromtemp -l0x0005 -removeonly
Avast Free Antivirus [2017/02/07 18:57:11]-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
AX88772C_AX88772B Windows 7 Drivers [20150907]-->"C:\Program Files (x86)\InstallShield Installation Information\{54A168C9-2250-4058-80EB-1F4A4192548A}\setup.exe" -runfromtemp -l0x0405 -removeonly
AX88772C_AX88772B Windows 7 Drivers [20150907]-->MsiExec.exe /I{54A168C9-2250-4058-80EB-1F4A4192548A}
AX88772C_AX88772B Windows 7 Drivers [v5.1x.12.0] [20150913]-->"C:\Program Files (x86)\InstallShield Installation Information\{4E6103B3-AAB1-462D-9FB6-BE4B62C048D3}\setup.exe" -runfromtemp -l0x0405 -removeonly
AX88772C_AX88772B Windows 7 Drivers [v5.1x.12.0] [20150913]-->MsiExec.exe /I{4E6103B3-AAB1-462D-9FB6-BE4B62C048D3}
Battlelog Web Plugins [2015/11/29 21:50:22]-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
CCleaner [2015/02/01 00:19:23]-->"C:\Program Files\CCleaner\uninst.exe"
CPUID CPU-Z 1.71.1 [20150130]-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
DAEMON Tools Lite [2015/05/20 10:51:36]-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DiRT 3 Profile Import version 1.0 [20170126]-->"C:\Users\mat.mik\Documents\My Games\DiRT3\savegame\unins000.exe"
ESN Sonar [2015/11/29 21:50:27]-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
FIFA 14 1.2 [20161228]-->"C:\hry\FIFA 14\unins000.exe"
Fraps [2015/05/20 10:51:36]-->"C:\Fraps\uninstall.exe"
GamePark [2015/05/20 10:51:36]-->"C:\Program Files (x86)\GamePark\unins000.exe"
GOG Galaxy [20151031]-->"C:\Program Files (x86)\GalaxyClient\unins000.exe"
Google Chrome [20150125]-->"C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\setup.exe" --uninstall --system-level
Google Update Helper [20150126]-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Update Helper [20161218]-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Intel(R) Chipset Device Software [20150125]-->MsiExec.exe /I{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}
Intel(R) Management Engine Components [2015/01/25 22:59:19]-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components [20150125]-->MsiExec.exe /I{D4FC649C-0247-4873-930D-D9E6904DCAF5}
Intel(R) Management Engine Components [20150125]-->MsiExec.exe /I{E1CBE9A2-1323-488E-9F3B-736DF6399F38}
Intel(R) Network Connections 20.2.3001.0 [20151101]-->MsiExec.exe /i{638A518B-0D2E-4143-ACF8-F3D83D822E85} ARPREMOVE=1
Intel(R) Network Connections 20.2.3001.0 [20151101]-->MsiExec.exe /i{638A518B-0D2E-4143-ACF8-F3D83D822E85} ARPREMOVE=1
Intel(R) USB 3.0 eXtensible Host Controller Driver [2015/09/13 10:35:02]-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel® Chipset Device Software [2015/05/20 10:51:36]-->"C:\ProgramData\Package Cache\{e48a2f61-851a-4155-82f9-af1b04db8c3b}\SetupChipset.exe" /uninstall
Intel® Trusted Connect Service Client [20150125]-->MsiExec.exe /I{3DE97849-544D-4D68-9255-11DF6F9F10D8}
Java 7 Update 51 (64-bit) [20160215]-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417051FF}
Java 7 Update 51 [20160215]-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217051FF}
Java 8 Update 31 [20150126]-->MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F83218031F0}
League of Legends [2017/01/09 13:59:07]-->msiexec.exe /x {6FEDADF5-40EC-4E18-A376-0FDBACE65338}
League of Legends [20170109]-->MsiExec.exe /X{6FEDADF5-40EC-4E18-A376-0FDBACE65338}
Microsoft .NET Framework 1.1 [2016/02/15 21:56:16]-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 [20160215]-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Security Update (KB2698023) [2016/02/15 21:56:16]-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2698023\M2698023Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB2833941) [2016/02/15 21:56:16]-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2833941\M2833941Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906) [2016/02/15 21:56:16]-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 4 Client Profile CSY Language Pack [2015/01/26 17:31:54]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack [20150126]-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4.5.2 [2015/01/28 23:22:27]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2 [20160817]-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft ASP.NET MVC 4 Runtime [20161008]-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Games for Windows - LIVE Redistributable [20150928]-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace [20150928]-->MsiExec.exe /X{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}
Microsoft Visual C++ 2005 Redistributable (x64) [20150420]-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64) [20150929]-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable [20150929]-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable [20160519]-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable [20160809]-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [20151221]-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [20151223]-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [20150128]-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [20150929]-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [20160215]-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [20150921]-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 [2016/12/28 15:28:29]-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [2016/10/09 13:07:24]-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [2016/10/09 13:06:09]-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [20150614]-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [20150505]-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [20150614]-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [20150505]-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [20151030]-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [20151030]-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 [2016/10/09 13:10:26]-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [2016/08/09 10:23:49]-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [2016/10/09 13:08:55]-->"C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [2016/08/09 10:25:12]-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [20151129]-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [20151129]-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [20151129]-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [20151129]-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 [2016/05/07 17:32:11]-->"C:\ProgramData\Package Cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 [20160507]-->MsiExec.exe /X{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 [20160507]-->MsiExec.exe /X{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}
NVIDIA GeForce Experience 3.1.0.52 [20161115]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 375.86 [20161115]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.34.17 [20161115]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 [20161115]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 375.86 [20161115]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver [2016/11/15 23:19:32]-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.16.0318 [20161008]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
OpenAL [2017/01/26 22:41:12]-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Origin [2017/02/07 13:58:13]-->C:\Program Files (x86)\Origin\OriginUninstall.exe
PlanetSide 2 [2015/09/21 18:53:56]-->C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\Uninstaller.exe
PunkBuster Services [2016/08/17 20:10:13]-->C:\Users\mat.mik\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe -u
RadeonPro 1.0 (Build 1.1.1.0) [20160913]-->"C:\Program Files (x86)\RadeonPro\unins000.exe"
Realtek Ethernet Controller Driver [20150830]-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver [20150125]-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Rise of the Tomb Raider [20170124]-->"C:\Program Files (x86)\Rise of the Tomb Raider\unins000.exe"
RivaTuner v2.23 [2015/05/20 10:51:36]-->"C:\Program Files (x86)\RivaTuner v2.23\uninstall.exe"
SafeZone Stable 3.55.2393.527 [2017/02/08 12:57:40]-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107) [2015/05/20 10:51:36]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216) [2015/05/20 10:51:36]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2) [2015/05/20 10:51:36]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) [2015/05/20 10:51:36]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {175C1563-5389-3174-A18B-A90AD45208D2}
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) [2015/05/20 10:51:36]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {6F197100-4BF3-3105-AA93-C5731C4FA85F}
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) [2015/05/20 10:51:36]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {99A495FF-BC65-375D-B3C9-934E1DE4F558}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) [2015/09/09 19:56:30]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {73E43C35-D717-337B-9F50-66F5623A8E1C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) [2015/09/09 20:00:51]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {F403E543-04A6-3024-BE38-189172855D13}
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) [2015/11/12 22:54:55]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CE42A318-3E62-3F40-B52A-9CE658805801}
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) [2015/11/13 23:35:48]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CF7790C7-662A-3829-B49E-61578D4D9838}
Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) [2016/02/16 22:47:51]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0401CD26-A8CB-33EA-8338-9340FC8515BD}
Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) [2016/02/11 22:15:01]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {D21BF446-9101-3327-BA36-0C74701B77DC}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) [2016/04/10 21:45:41]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0CA47C4C-98A6-3D92-8A97-E87DC34DB81A}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996v2) [2016/08/17 22:52:57]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {56DEA359-4DDF-34FA-8B4E-D98CFDB4263C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3142033) [2016/05/11 21:31:26]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {357704F6-271F-3C50-B28A-039EA02C5D65}
Security Update for Microsoft .NET Framework 4.5.2 (KB3163251) [2016/08/07 20:30:27]-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {EB00A8CD-33DB-3A8B-821B-47989E5FD1F7}
Seznam Instalátor [2016/11/23 11:26:44]-->C:\Windows\system32\ssinstall-uninstall.bat
SHAREit [20150307]-->"C:\Program Files (x86)\Lenovo\SHAREit\unins000.exe"
Steam [2015/09/18 19:35:53]-->C:\Program Files (x86)\Steam\uninstall.exe
TechPowerUp GPU-Z [2015/05/20 10:51:36]-->"C:\Program Files (x86)\GPU-Z\uninstall.exe"
TP-LINK TL-WDN4800 Driver [20150830]-->"C:\Program Files (x86)\InstallShield Installation Information\{FDA7E907-6539-42C1-9721-0239C281B336}\setup.exe" -runfromtemp -l0x0009 -removeonly DriverOnly
TP-LINK Wireless Configuration Utility [20150830]-->"C:\Program Files (x86)\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe" -runfromtemp -l0x0009 -removeonly
VLC media player [2015/05/20 10:51:36]-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Vulkan Run Time Libraries 1.0.26.0 [2016/11/15 23:18:49]-->C:\Program Files (x86)\VulkanRT\1.0.26.0\UninstallVulkanRT.exe
Windows Live ID Sign-in Assistant [20150928]-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 5.20 (32-bit) [2015/05/20 10:51:36]-->C:\Program Files (x86)\WinRAR\uninstall.exe
======Security center information======
AV: Avast Antivirus disabled
AS: Windows Defender
AS: Avast Antivirus disabled
======System event log"======
Computer Name: matmik-PC
Event Code: 7001
Message: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Record Number: 247020
Source Name: Service Control Manager
Time Written: 20170212133529.126211-000
Event Type: Chyba
User:
Computer Name: matmik-PC
Event Code: 10005
Message: Služba DCOM zjistila chybu %%1084 při pokusu o spuštění služby NVDisplay.ContainerLocalSystem s argumenty za účelem spuštění serveru:
{DCAB0989-1301-4319-BE5F-ADE89F88581C}
Record Number: 247019
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20170212133247.000000-000
Event Type: Chyba
User:
Computer Name: matmik-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 247018
Source Name: Microsoft-Windows-Eventlog
Time Written: 20170212132338.598041-000
Event Type: Informace
User: matmik-PC\mat.mik
Computer Name: matmik-PC
Event Code: 104
Message: Byl vymazán soubor protokolu TuneUp.
Record Number: 247017
Source Name: Microsoft-Windows-Eventlog
Time Written: 20170212132338.582441-000
Event Type: Informace
User: matmik-PC\mat.mik
Computer Name: matmik-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 247016
Source Name: Microsoft-Windows-Eventlog
Time Written: 20170212132338.566841-000
Event Type: Informace
User: matmik-PC\mat.mik
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03
"easyplussdk"="C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin"
"SAFEBOOT_OPTION"=NETWORK
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
PC se dokola restartuje - nouzový režim funguje
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
[ACze]miky
- Návštěvník
- Příspěvky: 206
- Registrován: 01 pro 2010 16:41
PC se dokola restartuje - nouzový režim funguje
Naposledy upravil(a) [ACze]miky dne 12 úno 2017 14:45, celkem upraveno 1 x.
-
[ACze]miky
- Návštěvník
- Příspěvky: 206
- Registrován: 01 pro 2010 16:41
Re: PC se dokola restartuje - nouzový režim funguje
A druhý log:
Logfile of random's system information tool 1.14 (written by random/random)
Run by mat.mik at 2017-02-12 14:35:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (7%) free of 171 GB
Total RAM: 8143 MB (85% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:54, on 12.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mat.mik_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [uTorrent] "C:\Users\mat.mik\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9881 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=56.0.2924.87 --initial-client-data=0xf0,0xf4,0xf8,0xec,0xfc,0x74857598,0x748575bc,0x748575a4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1048 --on-initialized-event-handle=408 --parent-handle=412 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=CE8222AC4CB21F100E71A48B139F3B1B --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=CE8222AC4CB21F100E71A48B139F3B1B --renderer-client-id=5 --mojo-platform-channel-handle=1720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=EC227F8681825234ABDBA90E1A151A16 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=EC227F8681825234ABDBA90E1A151A16 --renderer-client-id=3 --mojo-platform-channel-handle=3352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=90158082814760463B410D14A41E9FFD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=90158082814760463B410D14A41E9FFD --renderer-client-id=18 --mojo-platform-channel-handle=2332 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/*PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/*SignInPasswordPromo/Enable3/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/*TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=3029873C22EFE98B43622B9153C5AEBC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=3029873C22EFE98B43622B9153C5AEBC --renderer-client-id=22 --mojo-platform-channel-handle=5540 /prefetch:1
"C:\Users\mat.mik\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\Windows\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\Windows\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1475492714 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-207457545-1061647583-4167263747-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 12.0.102
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 1 Avast Online Security 12.0.163
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5616.1121.0.3
Homepage:
default_search_provider.search_url:
C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.6.602.180 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll
Plugin 9.0.0.2008061100 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
Plugin 1.3.25.11 Google Update C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
Plugin 4.0.5.0 Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin 4.0.5.0 Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?trackid=s ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-02-15 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-07 883520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-02-15 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-07 758384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-26 13636824]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-10-25 1852352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\mat.mik\AppData\Roaming\uTorrent\uTorrent.exe [2017-02-02 2143936]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-01-19 2881824]
"GalaxyClient"=C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [2017-02-02 4006464]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2017-02-07 3044848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-02-07 205512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-02-12 14:35:45 ----D---- C:\rsit
2017-02-12 14:23:41 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z.Z.Z.ZZ
2017-02-11 12:44:53 ----D---- C:\ProgramData\SWCUTemp
2017-02-07 18:57:25 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2017-02-07 18:57:25 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2017-02-07 18:57:24 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2017-02-07 18:57:24 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2017-02-07 18:57:01 ----A---- C:\Windows\system32\aswBoot.exe
2017-01-27 15:09:54 ----SHD---- C:\ProgramData\DSS
2017-01-27 15:09:49 ----D---- C:\ProgramData\Codemasters
2017-01-26 22:41:13 ----A---- C:\Windows\system32\wrap_oal.dll
2017-01-26 22:41:12 ----D---- C:\Program Files (x86)\OpenAL
2017-01-26 22:41:12 ----A---- C:\Windows\system32\OpenAL32.dll
2017-01-26 22:41:11 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-01-26 22:41:10 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-01-26 22:22:31 ----D---- C:\Games
2017-01-26 18:31:45 ----D---- C:\Users\mat.mik\AppData\Roaming\Rise_Of_TB_Instaler
2017-01-24 22:11:41 ----D---- C:\Users\mat.mik\AppData\Roaming\Crystal Dynamics
2017-01-24 20:37:14 ----D---- C:\Program Files (x86)\Rise of the Tomb Raider
2017-01-09 19:31:53 ----D---- C:\Users\mat.mik\AppData\Roaming\LolClient
2017-01-09 14:06:24 ----D---- C:\ProgramData\Riot Games
2017-01-09 14:00:21 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-01-09 14:00:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-01-09 14:00:16 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-01-09 13:59:02 ----D---- C:\Riot Games
2017-01-09 13:56:21 ----D---- C:\Users\mat.mik\AppData\Roaming\Riot Games
2016-12-22 21:57:39 ----D---- C:\Program Files (x86)\R.G. Freedom
2016-12-20 18:03:13 ----D---- C:\Users\mat.mik\AppData\Roaming\Eidos Montreal
2016-12-19 20:02:42 ----A---- C:\Windows\system32\ISDone.dll
2016-12-18 22:29:57 ----D---- C:\Program Files (x86)\Origin Games
2016-11-27 21:13:20 ----A---- C:\Windows\system32\mshtml.dll
2016-11-27 21:13:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-27 21:13:16 ----A---- C:\Windows\system32\ieframe.dll
2016-11-27 21:13:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-27 21:13:14 ----A---- C:\Windows\system32\jscript9.dll
2016-11-27 21:13:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-27 21:13:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-27 21:13:13 ----A---- C:\Windows\system32\wininet.dll
2016-11-27 21:13:13 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-27 21:13:13 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-27 21:13:12 ----A---- C:\Windows\system32\win32k.sys
2016-11-27 21:13:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-27 21:13:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-27 21:13:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\urlmon.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\ntdll.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\iertutil.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-27 21:13:10 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-27 21:13:10 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-27 21:13:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-27 21:13:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-27 21:13:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-27 21:13:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-27 21:13:09 ----A---- C:\Windows\system32\win32spl.dll
2016-11-27 21:13:09 ----A---- C:\Windows\system32\clfs.sys
2016-11-27 21:13:09 ----A---- C:\Windows\system32\atmfd.dll
2016-11-27 21:13:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-27 21:13:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-27 21:13:08 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-27 21:13:08 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-27 21:13:08 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-27 21:13:07 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-27 21:13:07 ----A---- C:\Windows\system32\msctf.dll
2016-11-27 21:13:07 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-27 21:13:07 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-27 21:13:07 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-27 21:13:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-27 21:13:06 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-27 21:13:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-27 21:13:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-27 21:13:05 ----A---- C:\Windows\system32\input.dll
2016-11-27 21:13:05 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-27 21:13:04 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-27 21:13:04 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-27 21:13:04 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-27 21:13:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-27 21:13:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-27 21:13:03 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-27 21:13:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-27 21:13:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-27 21:12:59 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-27 21:12:59 ----A---- C:\Windows\system32\webcheck.dll
2016-11-27 21:12:59 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-27 21:12:59 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-27 21:12:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-27 21:12:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-27 21:12:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-27 21:12:58 ----A---- C:\Windows\system32\msrating.dll
2016-11-27 21:12:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-27 21:12:57 ----A---- C:\Windows\system32\certcli.dll
2016-11-27 21:12:56 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-27 21:12:55 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-27 21:12:52 ----A---- C:\Windows\system32\ieui.dll
2016-11-27 21:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-11-27 21:12:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-27 21:12:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-27 21:12:51 ----A---- C:\Windows\system32\occache.dll
2016-11-27 21:12:51 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-27 21:12:50 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-27 21:12:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-27 21:12:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-27 21:12:50 ----A---- C:\Windows\system32\inseng.dll
2016-11-27 21:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-27 21:12:50 ----A---- C:\Windows\system32\iernonce.dll
2016-11-27 21:12:49 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-27 21:12:49 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-27 21:12:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-27 21:12:49 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-27 21:12:48 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-27 21:12:48 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\jscript.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-27 21:12:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-27 21:12:47 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-27 21:12:47 ----A---- C:\Windows\system32\vbscript.dll
2016-11-27 21:12:47 ----A---- C:\Windows\system32\INETRES.dll
2016-11-27 21:12:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-27 21:12:46 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-27 21:12:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\smss.exe
2016-11-27 21:12:46 ----A---- C:\Windows\system32\schannel.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\kernel32.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\kerberos.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-27 21:12:46 ----A---- C:\Windows\system32\advapi32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\wow64win.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\wow64.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\winsrv.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\wdigest.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\sspicli.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\srcore.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\secur32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\lsass.exe
2016-11-27 21:12:45 ----A---- C:\Windows\system32\lpk.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\fontsub.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-27 21:12:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-27 21:12:45 ----A---- C:\Windows\system32\dciman32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\conhost.exe
2016-11-27 21:12:44 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-27 21:12:44 ----A---- C:\Windows\system32\srclient.dll
2016-11-27 21:12:44 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-27 21:12:44 ----A---- C:\Windows\system32\credssp.dll
2016-11-27 21:12:44 ----A---- C:\Windows\system32\atmlib.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\rstrui.exe
2016-11-27 21:12:43 ----A---- C:\Windows\system32\auditpol.exe
2016-11-27 21:12:43 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\appidapi.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-27 21:12:42 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-27 21:12:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-27 21:12:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-27 21:12:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-27 21:12:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-27 21:12:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\tzres.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\msobjs.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\msaudite.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\adtschema.dll
2016-11-16 14:49:22 ----A---- C:\Windows\SYSWOW64\ssleay32.dll
2016-11-16 14:49:22 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2016-11-15 23:19:01 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-11-15 23:18:49 ----D---- C:\Program Files (x86)\VulkanRT
2016-11-15 23:18:49 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-11-15 23:18:49 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-11-15 23:18:49 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-11-15 23:18:49 ----A---- C:\Windows\system32\vulkan-1.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvopencl.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvoglv64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvinitx.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\NvIFR64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvdispgenco6437586.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-11-15 23:15:58 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-11-15 23:15:58 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-11-15 23:15:58 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvdispco6437586.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvcuvid.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvcuda.dll
2016-11-15 23:15:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-11-15 23:15:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-11-15 21:50:26 ----A---- C:\Windows\system32\nvspcap64.dll
2016-11-15 21:50:26 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-11-15 21:50:26 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-15 21:50:25 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-11-15 21:50:25 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-11-15 21:48:53 ----A---- C:\Windows\NvContainerRecovery.bat
2016-11-15 21:45:34 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-11-15 21:45:34 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-11-15 21:45:34 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvhdap64.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\NvFBC64.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvdispgenco6437570.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvdispco6437570.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
======List of files/folders modified in the last 3 months======
2017-02-12 14:35:48 ----D---- C:\Program Files\trend micro
2017-02-12 14:23:41 ----D---- C:\Users\mat.mik\AppData\Roaming\uTorrent
2017-02-12 14:23:41 ----D---- C:\Users\mat.mik\AppData\Roaming\DAEMON Tools Lite
2017-02-12 14:23:38 ----D---- C:\Windows\System32
2017-02-12 14:23:37 ----D---- C:\Windows\Temp
2017-02-12 14:23:37 ----D---- C:\Windows\SoftwareDistribution
2017-02-12 14:23:37 ----D---- C:\Windows
2017-02-12 13:58:14 ----D---- C:\Windows\system32\LogFiles
2017-02-12 13:58:14 ----D---- C:\Windows\Prefetch
2017-02-12 13:58:13 ----D---- C:\Windows\Logs
2017-02-12 13:58:13 ----D---- C:\Windows\inf
2017-02-12 13:54:54 ----D---- C:\Windows\system32\config
2017-02-12 13:54:15 ----D---- C:\Users\mat.mik\AppData\Roaming\Origin
2017-02-12 13:53:54 ----D---- C:\ProgramData\Origin
2017-02-12 13:53:10 ----D---- C:\Program Files (x86)\Steam
2017-02-12 13:50:19 ----D---- C:\ProgramData\NVIDIA
2017-02-11 12:44:53 ----HD---- C:\ProgramData
2017-02-11 12:41:39 ----D---- C:\Windows\system32\drivers
2017-02-10 17:43:52 ----D---- C:\ProgramData\AVAST Software
2017-02-08 21:29:49 ----SHD---- C:\System Volume Information
2017-02-08 12:58:41 ----D---- C:\Windows\system32\Tasks
2017-02-08 12:55:15 ----D---- C:\Windows\winsxs
2017-02-07 13:58:13 ----D---- C:\Program Files (x86)\Origin
2017-02-02 17:41:17 ----D---- C:\Program Files (x86)\GalaxyClient
2017-01-26 22:41:12 ----RD---- C:\Program Files (x86)
2017-01-26 22:41:12 ----D---- C:\Windows\SysWOW64
2017-01-09 13:59:14 ----D---- C:\Windows\Tasks
2017-01-09 13:59:13 ----SHD---- C:\Windows\Installer
2017-01-09 13:59:12 ----D---- C:\Config.Msi
2016-12-28 19:33:01 ----RSD---- C:\Windows\assembly
2016-12-28 19:20:42 ----D---- C:\Hry
2016-12-28 16:12:10 ----D---- C:\Program Files (x86)\Common Files
2016-12-28 15:28:28 ----D---- C:\ProgramData\Package Cache
2016-12-20 17:52:07 ----HD---- C:\Windows\msdownld.tmp
2016-12-20 15:50:09 ----D---- C:\Program Files (x86)\Square-Enix
2016-12-20 15:49:40 ----D---- C:\GOG Games
2016-12-19 16:09:07 ----D---- C:\Program Filem (x86)
2016-12-19 14:50:52 ----D---- C:\Program Files (x86)\Rockstar Games
2016-12-19 14:50:48 ----D---- C:\Program Files\Rockstar Games
2016-12-19 09:57:19 ----D---- C:\Windows\system32\catroot2
2016-12-18 20:09:15 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-12-18 20:09:12 ----D---- C:\Windows\debug
2016-12-13 20:08:33 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2016-11-28 13:53:05 ----D---- C:\Windows\rescache
2016-11-28 13:21:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-28 13:12:41 ----D---- C:\Program Files\Internet Explorer
2016-11-28 13:12:40 ----D---- C:\Windows\SYSWOW64\migration
2016-11-28 13:12:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-28 13:12:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-28 13:12:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-28 13:12:33 ----D---- C:\Windows\system32\migration
2016-11-28 13:12:33 ----D---- C:\Windows\system32\cs-CZ
2016-11-28 13:12:30 ----D---- C:\Windows\system32\en-US
2016-11-28 13:12:24 ----D---- C:\Windows\AppPatch
2016-11-28 13:12:22 ----D---- C:\Windows\system32\Boot
2016-11-23 11:26:36 ----A---- C:\Windows\SYSWOW64\ssins.exe
2016-11-15 23:19:31 ----D---- C:\ProgramData\NVIDIA Corporation
2016-11-15 23:19:00 ----D---- C:\Windows\system32\DriverStore
2016-11-15 21:50:25 ----D---- C:\Program Files\NVIDIA Corporation
2016-11-15 21:50:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-11-13 21:45:03 ----D---- C:\Windows\system32\MRT
2016-11-13 21:42:11 ----AC---- C:\Windows\system32\MRT.exe
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-02-26 645992]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-02-26 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-02-07 32088]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-02-07 100640]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-19 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2015-06-18 501216]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
S0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-02-07 189768]
S0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-02-07 334600]
S0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-02-07 48528]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-02-07 74680]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-02-10 337080]
S1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-02-07 309784]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-02-07 991496]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-02-07 547904]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-02-07 126088]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-02-07 162528]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2015-11-05 146944]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
S3 AsrDrv101;AsrDrv101; \??\C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [2015-01-25 22280]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-02-07 38296]
S3 athr;Extensible Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athrx.sys [2013-01-22 2736640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2015-07-15 96256]
S3 AX88772B;ASIX AX88772B USB2.0 to Fast Ethernet Adapter; C:\Windows\system32\DRIVERS\ax88772b.sys [2015-05-14 116224]
S3 INETMON;INETMON; \??\C:\Windows\System32\Drivers\INETMON.sys [2014-04-03 25800]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-07-30 3564376]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2014-02-03 44744]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-10-26 212936]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-10-25 27584]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-10-25 46016]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-28 884952]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 XFDriver64;XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-07 262736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-03-20 131544]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 271632]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-25 456640]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-11-10 458176]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-10-25 1163712]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-02-07 2184208]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2016-08-22 76152]
S2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-11-04 20608]
S2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-06-18 246488]
S2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2016-11-23 4696960]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-02-07 7142136]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2017-02-02 284736]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-11-10 6625856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-09-18 171072]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [2015-01-15 619776]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-25 456640]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-02-07 2122248]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-19 1464096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.14 (written by random/random)
Run by mat.mik at 2017-02-12 14:35:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (7%) free of 171 GB
Total RAM: 8143 MB (85% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:54, on 12.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mat.mik_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [uTorrent] "C:\Users\mat.mik\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9881 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=56.0.2924.87 --initial-client-data=0xf0,0xf4,0xf8,0xec,0xfc,0x74857598,0x748575bc,0x748575a4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1048 --on-initialized-event-handle=408 --parent-handle=412 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=CE8222AC4CB21F100E71A48B139F3B1B --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=CE8222AC4CB21F100E71A48B139F3B1B --renderer-client-id=5 --mojo-platform-channel-handle=1720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=EC227F8681825234ABDBA90E1A151A16 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=EC227F8681825234ABDBA90E1A151A16 --renderer-client-id=3 --mojo-platform-channel-handle=3352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=90158082814760463B410D14A41E9FFD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=90158082814760463B410D14A41E9FFD --renderer-client-id=18 --mojo-platform-channel-handle=2332 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/LanguageInstall/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/*PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/EnabledOnDisk/PluginPowerSaverTiny/Enabled2/*QUIC/ControlJuly/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/*SignInPasswordPromo/Enable3/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Enabled/*TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_45/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=3029873C22EFE98B43622B9153C5AEBC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=3029873C22EFE98B43622B9153C5AEBC --renderer-client-id=22 --mojo-platform-channel-handle=5540 /prefetch:1
"C:\Users\mat.mik\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\Windows\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\Windows\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1475492714 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-207457545-1061647583-4167263747-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 12.0.102
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 1 Avast Online Security 12.0.163
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5616.1121.0.3
Homepage:
default_search_provider.search_url:
C:\Users\mat.mik\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.6.602.180 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll
Plugin 9.0.0.2008061100 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
Plugin 1.3.25.11 Google Update C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
Plugin 4.0.5.0 Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin 4.0.5.0 Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?trackid=s ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-02-15 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-07 883520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-02-15 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-07 758384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-26 13636824]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-10-25 1852352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\mat.mik\AppData\Roaming\uTorrent\uTorrent.exe [2017-02-02 2143936]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-01-19 2881824]
"GalaxyClient"=C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [2017-02-02 4006464]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2017-02-07 3044848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-02-07 205512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-02-12 14:35:45 ----D---- C:\rsit
2017-02-12 14:23:41 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z.Z.Z.ZZ
2017-02-11 12:44:53 ----D---- C:\ProgramData\SWCUTemp
2017-02-07 18:57:25 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2017-02-07 18:57:25 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2017-02-07 18:57:24 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2017-02-07 18:57:24 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2017-02-07 18:57:01 ----A---- C:\Windows\system32\aswBoot.exe
2017-01-27 15:09:54 ----SHD---- C:\ProgramData\DSS
2017-01-27 15:09:49 ----D---- C:\ProgramData\Codemasters
2017-01-26 22:41:13 ----A---- C:\Windows\system32\wrap_oal.dll
2017-01-26 22:41:12 ----D---- C:\Program Files (x86)\OpenAL
2017-01-26 22:41:12 ----A---- C:\Windows\system32\OpenAL32.dll
2017-01-26 22:41:11 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-01-26 22:41:10 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-01-26 22:22:31 ----D---- C:\Games
2017-01-26 18:31:45 ----D---- C:\Users\mat.mik\AppData\Roaming\Rise_Of_TB_Instaler
2017-01-24 22:11:41 ----D---- C:\Users\mat.mik\AppData\Roaming\Crystal Dynamics
2017-01-24 20:37:14 ----D---- C:\Program Files (x86)\Rise of the Tomb Raider
2017-01-09 19:31:53 ----D---- C:\Users\mat.mik\AppData\Roaming\LolClient
2017-01-09 14:06:24 ----D---- C:\ProgramData\Riot Games
2017-01-09 14:00:21 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-01-09 14:00:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-01-09 14:00:16 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-01-09 13:59:02 ----D---- C:\Riot Games
2017-01-09 13:56:21 ----D---- C:\Users\mat.mik\AppData\Roaming\Riot Games
2016-12-22 21:57:39 ----D---- C:\Program Files (x86)\R.G. Freedom
2016-12-20 18:03:13 ----D---- C:\Users\mat.mik\AppData\Roaming\Eidos Montreal
2016-12-19 20:02:42 ----A---- C:\Windows\system32\ISDone.dll
2016-12-18 22:29:57 ----D---- C:\Program Files (x86)\Origin Games
2016-11-27 21:13:20 ----A---- C:\Windows\system32\mshtml.dll
2016-11-27 21:13:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-27 21:13:16 ----A---- C:\Windows\system32\ieframe.dll
2016-11-27 21:13:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-27 21:13:14 ----A---- C:\Windows\system32\jscript9.dll
2016-11-27 21:13:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-27 21:13:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-27 21:13:13 ----A---- C:\Windows\system32\wininet.dll
2016-11-27 21:13:13 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-27 21:13:13 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-27 21:13:12 ----A---- C:\Windows\system32\win32k.sys
2016-11-27 21:13:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-27 21:13:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-27 21:13:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\urlmon.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\ntdll.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-27 21:13:11 ----A---- C:\Windows\system32\iertutil.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-27 21:13:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-27 21:13:10 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-27 21:13:10 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-27 21:13:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-27 21:13:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-27 21:13:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-27 21:13:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-27 21:13:09 ----A---- C:\Windows\system32\win32spl.dll
2016-11-27 21:13:09 ----A---- C:\Windows\system32\clfs.sys
2016-11-27 21:13:09 ----A---- C:\Windows\system32\atmfd.dll
2016-11-27 21:13:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-27 21:13:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-27 21:13:08 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-27 21:13:08 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-27 21:13:08 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-27 21:13:07 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-27 21:13:07 ----A---- C:\Windows\system32\msctf.dll
2016-11-27 21:13:07 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-27 21:13:07 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-27 21:13:07 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-27 21:13:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-27 21:13:06 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-27 21:13:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-27 21:13:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-27 21:13:05 ----A---- C:\Windows\system32\input.dll
2016-11-27 21:13:05 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-27 21:13:04 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-27 21:13:04 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-27 21:13:04 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-27 21:13:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-27 21:13:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-27 21:13:03 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-27 21:13:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-27 21:13:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-27 21:12:59 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-27 21:12:59 ----A---- C:\Windows\system32\webcheck.dll
2016-11-27 21:12:59 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-27 21:12:59 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-27 21:12:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-27 21:12:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-27 21:12:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-27 21:12:58 ----A---- C:\Windows\system32\msrating.dll
2016-11-27 21:12:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-27 21:12:57 ----A---- C:\Windows\system32\certcli.dll
2016-11-27 21:12:56 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-27 21:12:55 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-27 21:12:52 ----A---- C:\Windows\system32\ieui.dll
2016-11-27 21:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-11-27 21:12:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-27 21:12:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-27 21:12:51 ----A---- C:\Windows\system32\occache.dll
2016-11-27 21:12:51 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-27 21:12:50 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-27 21:12:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-27 21:12:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-27 21:12:50 ----A---- C:\Windows\system32\inseng.dll
2016-11-27 21:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-27 21:12:50 ----A---- C:\Windows\system32\iernonce.dll
2016-11-27 21:12:49 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-27 21:12:49 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-27 21:12:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-27 21:12:49 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-27 21:12:48 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-27 21:12:48 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\jscript.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-27 21:12:48 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-27 21:12:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-27 21:12:47 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-27 21:12:47 ----A---- C:\Windows\system32\vbscript.dll
2016-11-27 21:12:47 ----A---- C:\Windows\system32\INETRES.dll
2016-11-27 21:12:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-27 21:12:46 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-27 21:12:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\smss.exe
2016-11-27 21:12:46 ----A---- C:\Windows\system32\schannel.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\kernel32.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\kerberos.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-27 21:12:46 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-27 21:12:46 ----A---- C:\Windows\system32\advapi32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-27 21:12:45 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\wow64win.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\wow64.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\winsrv.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\wdigest.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\sspicli.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\srcore.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\secur32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\lsass.exe
2016-11-27 21:12:45 ----A---- C:\Windows\system32\lpk.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\fontsub.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-27 21:12:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-27 21:12:45 ----A---- C:\Windows\system32\dciman32.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-27 21:12:45 ----A---- C:\Windows\system32\conhost.exe
2016-11-27 21:12:44 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-27 21:12:44 ----A---- C:\Windows\system32\srclient.dll
2016-11-27 21:12:44 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-27 21:12:44 ----A---- C:\Windows\system32\credssp.dll
2016-11-27 21:12:44 ----A---- C:\Windows\system32\atmlib.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-27 21:12:43 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\rstrui.exe
2016-11-27 21:12:43 ----A---- C:\Windows\system32\auditpol.exe
2016-11-27 21:12:43 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-27 21:12:43 ----A---- C:\Windows\system32\appidapi.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-27 21:12:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-27 21:12:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-27 21:12:42 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-27 21:12:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-27 21:12:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-27 21:12:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-27 21:12:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-27 21:12:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-27 21:12:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-27 21:12:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\tzres.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\msobjs.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\msaudite.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-27 21:12:40 ----A---- C:\Windows\system32\adtschema.dll
2016-11-16 14:49:22 ----A---- C:\Windows\SYSWOW64\ssleay32.dll
2016-11-16 14:49:22 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2016-11-15 23:19:01 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-11-15 23:18:49 ----D---- C:\Program Files (x86)\VulkanRT
2016-11-15 23:18:49 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-11-15 23:18:49 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-11-15 23:18:49 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-11-15 23:18:49 ----A---- C:\Windows\system32\vulkan-1.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-11-15 23:15:59 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvopencl.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvoglv64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvinitx.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\NvIFR64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\nvdispgenco6437586.dll
2016-11-15 23:15:59 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-11-15 23:15:58 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-11-15 23:15:58 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-11-15 23:15:58 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvdispco6437586.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvcuvid.dll
2016-11-15 23:15:58 ----A---- C:\Windows\system32\nvcuda.dll
2016-11-15 23:15:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-11-15 23:15:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-11-15 21:50:26 ----A---- C:\Windows\system32\nvspcap64.dll
2016-11-15 21:50:26 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-11-15 21:50:26 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-15 21:50:25 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-11-15 21:50:25 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-11-15 21:48:53 ----A---- C:\Windows\NvContainerRecovery.bat
2016-11-15 21:45:34 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-11-15 21:45:34 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-11-15 21:45:34 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvhdap64.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\NvFBC64.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvdispgenco6437570.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\nvdispco6437570.dll
2016-11-15 21:45:33 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
======List of files/folders modified in the last 3 months======
2017-02-12 14:35:48 ----D---- C:\Program Files\trend micro
2017-02-12 14:23:41 ----D---- C:\Users\mat.mik\AppData\Roaming\uTorrent
2017-02-12 14:23:41 ----D---- C:\Users\mat.mik\AppData\Roaming\DAEMON Tools Lite
2017-02-12 14:23:38 ----D---- C:\Windows\System32
2017-02-12 14:23:37 ----D---- C:\Windows\Temp
2017-02-12 14:23:37 ----D---- C:\Windows\SoftwareDistribution
2017-02-12 14:23:37 ----D---- C:\Windows
2017-02-12 13:58:14 ----D---- C:\Windows\system32\LogFiles
2017-02-12 13:58:14 ----D---- C:\Windows\Prefetch
2017-02-12 13:58:13 ----D---- C:\Windows\Logs
2017-02-12 13:58:13 ----D---- C:\Windows\inf
2017-02-12 13:54:54 ----D---- C:\Windows\system32\config
2017-02-12 13:54:15 ----D---- C:\Users\mat.mik\AppData\Roaming\Origin
2017-02-12 13:53:54 ----D---- C:\ProgramData\Origin
2017-02-12 13:53:10 ----D---- C:\Program Files (x86)\Steam
2017-02-12 13:50:19 ----D---- C:\ProgramData\NVIDIA
2017-02-11 12:44:53 ----HD---- C:\ProgramData
2017-02-11 12:41:39 ----D---- C:\Windows\system32\drivers
2017-02-10 17:43:52 ----D---- C:\ProgramData\AVAST Software
2017-02-08 21:29:49 ----SHD---- C:\System Volume Information
2017-02-08 12:58:41 ----D---- C:\Windows\system32\Tasks
2017-02-08 12:55:15 ----D---- C:\Windows\winsxs
2017-02-07 13:58:13 ----D---- C:\Program Files (x86)\Origin
2017-02-02 17:41:17 ----D---- C:\Program Files (x86)\GalaxyClient
2017-01-26 22:41:12 ----RD---- C:\Program Files (x86)
2017-01-26 22:41:12 ----D---- C:\Windows\SysWOW64
2017-01-09 13:59:14 ----D---- C:\Windows\Tasks
2017-01-09 13:59:13 ----SHD---- C:\Windows\Installer
2017-01-09 13:59:12 ----D---- C:\Config.Msi
2016-12-28 19:33:01 ----RSD---- C:\Windows\assembly
2016-12-28 19:20:42 ----D---- C:\Hry
2016-12-28 16:12:10 ----D---- C:\Program Files (x86)\Common Files
2016-12-28 15:28:28 ----D---- C:\ProgramData\Package Cache
2016-12-20 17:52:07 ----HD---- C:\Windows\msdownld.tmp
2016-12-20 15:50:09 ----D---- C:\Program Files (x86)\Square-Enix
2016-12-20 15:49:40 ----D---- C:\GOG Games
2016-12-19 16:09:07 ----D---- C:\Program Filem (x86)
2016-12-19 14:50:52 ----D---- C:\Program Files (x86)\Rockstar Games
2016-12-19 14:50:48 ----D---- C:\Program Files\Rockstar Games
2016-12-19 09:57:19 ----D---- C:\Windows\system32\catroot2
2016-12-18 20:09:15 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-12-18 20:09:12 ----D---- C:\Windows\debug
2016-12-13 20:08:33 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2016-11-28 13:53:05 ----D---- C:\Windows\rescache
2016-11-28 13:21:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-28 13:12:41 ----D---- C:\Program Files\Internet Explorer
2016-11-28 13:12:40 ----D---- C:\Windows\SYSWOW64\migration
2016-11-28 13:12:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-28 13:12:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-28 13:12:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-28 13:12:33 ----D---- C:\Windows\system32\migration
2016-11-28 13:12:33 ----D---- C:\Windows\system32\cs-CZ
2016-11-28 13:12:30 ----D---- C:\Windows\system32\en-US
2016-11-28 13:12:24 ----D---- C:\Windows\AppPatch
2016-11-28 13:12:22 ----D---- C:\Windows\system32\Boot
2016-11-23 11:26:36 ----A---- C:\Windows\SYSWOW64\ssins.exe
2016-11-15 23:19:31 ----D---- C:\ProgramData\NVIDIA Corporation
2016-11-15 23:19:00 ----D---- C:\Windows\system32\DriverStore
2016-11-15 21:50:25 ----D---- C:\Program Files\NVIDIA Corporation
2016-11-15 21:50:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-11-13 21:45:03 ----D---- C:\Windows\system32\MRT
2016-11-13 21:42:11 ----AC---- C:\Windows\system32\MRT.exe
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-02-26 645992]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-02-26 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-02-07 32088]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-02-07 100640]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-19 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2015-06-18 501216]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
S0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-02-07 189768]
S0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-02-07 334600]
S0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-02-07 48528]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-02-07 74680]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-02-10 337080]
S1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-02-07 309784]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-02-07 991496]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-02-07 547904]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-02-07 126088]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-02-07 162528]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2015-11-05 146944]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
S3 AsrDrv101;AsrDrv101; \??\C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [2015-01-25 22280]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-02-07 38296]
S3 athr;Extensible Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athrx.sys [2013-01-22 2736640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2015-07-15 96256]
S3 AX88772B;ASIX AX88772B USB2.0 to Fast Ethernet Adapter; C:\Windows\system32\DRIVERS\ax88772b.sys [2015-05-14 116224]
S3 INETMON;INETMON; \??\C:\Windows\System32\Drivers\INETMON.sys [2014-04-03 25800]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-07-30 3564376]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2014-02-03 44744]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-10-26 212936]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-10-25 27584]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-10-25 46016]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-28 884952]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 XFDriver64;XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-07 262736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-03-20 131544]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 271632]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-25 456640]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-11-10 458176]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-10-25 1163712]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-02-07 2184208]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2016-08-22 76152]
S2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-11-04 20608]
S2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-06-18 246488]
S2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2016-11-23 4696960]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-02-07 7142136]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2017-02-02 284736]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-11-10 6625856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-09-18 171072]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [2015-01-15 619776]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-25 456640]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-02-07 2122248]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-19 1464096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: PC se dokola restartuje - nouzový režim funguje
Zdravím!
Z toho nouz. režimu zkuste obnovu systému k datu, kdy korketně fungoval.
Z toho nouz. režimu zkuste obnovu systému k datu, kdy korketně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
[ACze]miky
- Návštěvník
- Příspěvky: 206
- Registrován: 01 pro 2010 16:41
Re: PC se dokola restartuje - nouzový režim funguje
Bohužel, kvůli místu na disku jsem všechny body smazal a neudělal jsem si novej. Vím, jsem blbec 
.
.-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: PC se dokola restartuje - nouzový režim funguje
Tak to jste si asi zavařil. Zkuste poslední známou funkční konfiguraci.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
[ACze]miky
- Návštěvník
- Příspěvky: 206
- Registrován: 01 pro 2010 16:41
Re: PC se dokola restartuje - nouzový režim funguje
Poslední známá funkční konfigurace zatím jde, ale to neřeší problém ne? To bych musel počítač zapínat pořád v té poslední známé konfiguraci. Nebo máte na mysli že bych měl udělat bod obnovení z té poslední konfigurace a pak systém obnovit?
EDIT: Zkusil jsem test v MBAMU a tady je výsledek. Mám všechny nalezené soubory smazat?
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 12.02.17
Čas skenování: 15:57
Logovací soubor: mbamlog.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.50
Aktualizovat verzi balíku komponent: 1.0.1242
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: matmik-PC\mat.mik
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 312175
Uplynulý čas: 3 min, 41 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 4
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update SourceApp, Žádná uživatelská akce, [71], [254030],1.0.1242
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Žádná uživatelská akce, [71], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Žádná uživatelská akce, [71], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util SourceApp, Žádná uživatelská akce, [71], [254030],1.0.1242
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 2
PUP.Optional.OpenCandy, C:\Users\mat.mik\AppData\Roaming\OpenCandy\BEF5FCDFEE72471DA3895B1F43347111, Žádná uživatelská akce, [644], [173202],1.0.1242
PUP.Optional.OpenCandy, C:\USERS\MAT.MIK\APPDATA\ROAMING\OpenCandy, Žádná uživatelská akce, [644], [173202],1.0.1242
Soubor: 3
PUP.Optional.OpenCandy, C:\Users\mat.mik\AppData\Roaming\OpenCandy\BEF5FCDFEE72471DA3895B1F43347111\AVG-PC-TuneUp2015_CS_2200604.exe, Žádná uživatelská akce, [644], [173202],1.0.1242
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Žádná uživatelská akce, [71], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Žádná uživatelská akce, [71], [-1],0.0.0
Fyzický sektor: 0
EDIT: Zkusil jsem test v MBAMU a tady je výsledek. Mám všechny nalezené soubory smazat?
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 12.02.17
Čas skenování: 15:57
Logovací soubor: mbamlog.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.50
Aktualizovat verzi balíku komponent: 1.0.1242
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: matmik-PC\mat.mik
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 312175
Uplynulý čas: 3 min, 41 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 4
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update SourceApp, Žádná uživatelská akce, [71], [254030],1.0.1242
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Žádná uživatelská akce, [71], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Žádná uživatelská akce, [71], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util SourceApp, Žádná uživatelská akce, [71], [254030],1.0.1242
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 2
PUP.Optional.OpenCandy, C:\Users\mat.mik\AppData\Roaming\OpenCandy\BEF5FCDFEE72471DA3895B1F43347111, Žádná uživatelská akce, [644], [173202],1.0.1242
PUP.Optional.OpenCandy, C:\USERS\MAT.MIK\APPDATA\ROAMING\OpenCandy, Žádná uživatelská akce, [644], [173202],1.0.1242
Soubor: 3
PUP.Optional.OpenCandy, C:\Users\mat.mik\AppData\Roaming\OpenCandy\BEF5FCDFEE72471DA3895B1F43347111\AVG-PC-TuneUp2015_CS_2200604.exe, Žádná uživatelská akce, [644], [173202],1.0.1242
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Žádná uživatelská akce, [71], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Žádná uživatelská akce, [71], [-1],0.0.0
Fyzický sektor: 0
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: PC se dokola restartuje - nouzový režim funguje
Pokud není systém nějak vážně poškozen, měl by teď nastatovat normálně. Smažte všechny MBAMem nalezené položky.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
[ACze]miky
- Návštěvník
- Příspěvky: 206
- Registrován: 01 pro 2010 16:41
Re: PC se dokola restartuje - nouzový režim funguje
Tak najednou všechno funguje, už asi 30 minut jedu bez restartu, tak paráda. Opět děkuji moc za pomoc. Takže problém byl v nějaké špatné konfiguraci? Divné ale, že se to najednou začalo restartovat zrovna při hraní.
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: PC se dokola restartuje - nouzový režim funguje
V konfiguraci ani ne. Spíše se něco neregulérně nainstalovalo a to bránilo v nastartování do normálního režimu. Rádo se stalo.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?