WMI Provider Host is using CPU

Posted: 09 Feb 2015 21:40
by lukbe
Hello, I have an interesting problem with WMI Provider Host.
When I open Task Manager, this process loads the CPU at 0% for a while and then at ±2% again, and it keeps jumping back and forth like this every 10 seconds.
Do you know what could be causing it?
I tried msconfig -> Services -> Hide all Microsoft services, then disabled the services I had installed myself -> restart,
but the problem still persists.
WMI Provider Host always uses 2% CPU for about 10 seconds, then 0% for 10 seconds, over and over...
By the way, this is an Asus X550Vb notebook, Windows 8.1 (latest updates installed), all hardware drivers updated.
Do you know what could be causing this, whether it is a virus or some Windows error?

Re: WMI Provider Host is using CPU

Posted: 09 Feb 2015 22:05
by lukbe
RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukáš at 2015-02-09 22:05:00
Microsoft Windows 8.1 Pro
System drive C: has 112 GB (47%) free of 238 GB
Total RAM: 8078 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:05:01, on 9. 2. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lukáš\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Users\Lukáš\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lukáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKCU\..\Run: [MiPhoneManager] "C:\Users\Lukáš\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_032E85145F9C73D9B43D5ED2AF6BF5BD] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Cadence License Manager - Flexera Software, Inc. - C:\Cadence\LicenseManager\lmgrd.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10480 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Cadence\LicenseManager\lmgrd.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
dashost.exe {441a6fdd-02d5-4eb7-a75d251a1d1e2abe}
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
system32\RAPID\SamsungRapidSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Cadence\LicenseManager\lmgrd.exe" -c "C:\Cadence\LicenseManager\license.dat" -l "C:\Cadence\LicenseManager\debug.log" -z
C:\Cadence\LicenseManager\cdslmd -T lukbe 11.9 -1 -c "C:\Cadence\LicenseManager\license.dat" --lmgrd_start 54d90d38 -l "C:\Cadence\LicenseManager\debug.log"
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"

C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv

winlogon.exe
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
taskhostex.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"
"C:\Users\Lukáš\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4868.0.2014896641\1246363252" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4061 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.1.10629743\1770059214" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.2.1382187325\254525965" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.6.2049163797\363348055" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.7.766616799\1137267463" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.9.1065660384\223896135" /prefetch:673131151
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
"C:\Users\Lukáš\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.35.922270607\2080168674" /prefetch:673131151
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.94.703634528\1167894337" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.103.185168381\840909096" /prefetch:673131151
"C:\Windows\syswow64\wwahost.exe" -ServerName:App.wwa
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/Command-Line-Disabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4868.107.1309391752\1478254495" /prefetch:673131151
"C:\Windows\System32\Taskmgr.exe" /2
"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.Mail.wwa
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 552 560 568 65536 564
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lukáš\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MATLAB R2014a Startup Accelerator.job - C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-10 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-10 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"SamsungRapidApp"=C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2014-09-16 281776]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MiPhoneManager"=C:\Users\Lukáš\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [2015-01-30 146224]
"GoogleChromeAutoLaunch_032E85145F9C73D9B43D5ED2AF6BF5BD"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-02-04 843592]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-12-19 458456]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2015-01-28 17018880]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-26 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2014-05-08 3499896]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]

C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Lukáš\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-09 21:59:31 ----D---- C:\rsit
2015-02-09 20:38:54 ----D---- C:\Windows\SYSWOW64\NV
2015-02-09 20:38:54 ----D---- C:\Windows\system32\NV
2015-02-09 20:38:26 ----D---- C:\Windows\LastGood
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-02-09 20:37:46 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvopencl.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvoglv64.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\NvIFR64.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\NvFBC64.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvdispgenco6434725.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvdispco6434725.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvcuvid.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvcuda.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvcompiler.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\nvapi64.dll
2015-02-09 20:37:46 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-02-09 20:37:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-02-09 20:36:36 ----D---- C:\NVIDIA
2015-02-09 20:31:52 ----D---- C:\Windows\LastGood.Tmp
2015-02-09 20:30:55 ----A---- C:\Windows\SYSWOW64\IntelOpenCL32.dll
2015-02-09 20:30:55 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2015-02-09 20:30:55 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiVAD64.exe
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiUtils64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiUMS64.exe
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiMux64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiMCUMD64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiLogServer64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiDDEAgent64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiAudioFilter64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelWiDiAAC64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\IntelOpenCL64.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxOSP.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxLHMLibv2_0.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxLHMLib.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxext.exe
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxexps.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxEMLibv2_0.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxEMLib.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxDILibv2_0.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxDILib.dll
2015-02-09 20:30:55 ----A---- C:\Windows\system32\igfxCoIn_v4061.dll
2015-02-09 20:30:54 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2015-02-09 20:30:54 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2015-02-09 20:30:54 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2015-02-09 20:30:54 ----A---- C:\Windows\SYSWOW64\igdumdim32.dll
2015-02-09 20:30:54 ----A---- C:\Windows\SYSWOW64\igdrcl32.dll
2015-02-09 20:30:54 ----A---- C:\Windows\SYSWOW64\igdmd32.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igfxDHLibv2_0.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igfxDHLib.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igfxCUIServicePS.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igfxcmrt64.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igfxcmjit64.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igdrcl64.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\igdmd64.dll
2015-02-09 20:30:54 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2015-02-09 20:30:53 ----A---- C:\Windows\SYSWOW64\igdfcl32.dll
2015-02-09 20:30:53 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2015-02-09 20:30:53 ----A---- C:\Windows\SYSWOW64\igdbcl32.dll
2015-02-09 20:30:53 ----A---- C:\Windows\SYSWOW64\igdail32.dll
2015-02-09 20:30:53 ----A---- C:\Windows\SYSWOW64\ig7icd32.dll
2015-02-09 20:30:53 ----A---- C:\Windows\system32\igdfcl64.dll
2015-02-09 20:30:53 ----A---- C:\Windows\system32\igdde64.dll
2015-02-09 20:30:53 ----A---- C:\Windows\system32\igdbcl64.dll
2015-02-09 20:30:53 ----A---- C:\Windows\system32\igdail64.dll
2015-02-09 20:30:53 ----A---- C:\Windows\system32\ig7icd64.dll
2015-02-09 20:30:52 ----A---- C:\Windows\system32\Gfxv4_0.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\Gfxv2_0.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\GfxUIEx.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\DPTopologyAppv2_0.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\DPTopologyApp.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\difx64.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\CustomModeAppv2_0.exe
2015-02-09 20:30:52 ----A---- C:\Windows\system32\CustomModeApp.exe
2015-02-03 08:33:12 ----HD---- C:\OneDriveTemp
2015-02-01 15:35:27 ----D---- C:\Users\Lukáš\AppData\Roaming\Zoner
2015-02-01 15:35:23 ----D---- C:\ProgramData\Zoner
2015-02-01 15:35:04 ----D---- C:\Program Files\Zoner
2015-01-25 13:16:11 ----A---- C:\Windows\system32\aspnet_counters.dll
2015-01-25 13:16:05 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2015-01-19 14:07:04 ----D---- C:\Users\Lukáš\AppData\Roaming\e-academy Inc
2015-01-19 11:11:05 ----D---- C:\Program Files\Common Files\DESIGNER
2015-01-19 11:10:50 ----D---- C:\Program Files\Microsoft Synchronization Services
2015-01-19 11:08:05 ----D---- C:\Program Files\Microsoft Analysis Services
2015-01-19 11:08:05 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2015-01-19 11:08:04 ----D---- C:\Program Files (x86)\Microsoft Office
2015-01-19 11:07:56 ----RHD---- C:\MSOCache
2015-01-18 14:47:29 ----AD---- C:\Program Files (x86)\HDDScan-3.3
2015-01-14 08:51:56 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 08:51:56 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 08:51:56 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 08:51:55 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 08:51:55 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 08:51:55 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 08:51:55 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 08:51:55 ----A---- C:\Windows\system32\wer.dll
2015-01-14 08:51:55 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:51:55 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 08:51:55 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 08:51:55 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 08:51:55 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 08:51:55 ----A---- C:\Windows\system32\ci.dll
2015-01-14 08:51:55 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-12 19:12:00 ----D---- C:\Program Files (x86)\Bloody5

======List of files/folders modified in the last 1 month======

2015-02-09 22:05:00 ----D---- C:\Program Files\trend micro
2015-02-09 22:00:00 ----D---- C:\Windows\system32\sru
2015-02-09 20:57:47 ----D---- C:\Windows\Temp
2015-02-09 20:47:49 ----RD---- C:\Windows\System32
2015-02-09 20:47:49 ----D---- C:\Windows\Inf
2015-02-09 20:47:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-09 20:45:21 ----D---- C:\Users\Lukáš\AppData\Roaming\Dropbox
2015-02-09 20:41:01 ----D---- C:\Windows\Tasks
2015-02-09 20:40:24 ----D---- C:\Windows\SysWOW64
2015-02-09 20:38:53 ----D---- C:\ProgramData\NVIDIA
2015-02-09 20:38:39 ----D---- C:\temp
2015-02-09 20:38:27 ----D---- C:\Windows\system32\drivers
2015-02-09 20:38:26 ----D---- C:\Windows
2015-02-09 20:38:23 ----D---- C:\Windows\system32\DriverStore
2015-02-09 20:33:23 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-09 20:32:59 ----D---- C:\Windows\system32\catroot
2015-02-09 19:50:27 ----D---- C:\Windows\Microsoft.NET
2015-02-09 19:10:13 ----D---- C:\Users\Lukáš\AppData\Roaming\Skype
2015-02-09 17:55:28 ----SHD---- C:\Windows\Installer
2015-02-09 17:55:26 ----D---- C:\Program Files\Tracker Software
2015-02-09 15:06:51 ----D---- C:\Program Files (x86)\TeamViewer
2015-02-09 10:26:16 ----D---- C:\Windows\system32\config
2015-02-07 14:53:43 ----HD---- C:\Program Files\WindowsApps
2015-02-07 14:53:43 ----D---- C:\Windows\AppReadiness
2015-02-06 17:21:43 ----D---- C:\Windows\WinSxS
2015-02-06 17:21:43 ----D---- C:\Windows\CbsTemp
2015-02-05 17:29:04 ----D---- C:\Windows\system32\catroot2
2015-02-04 08:49:02 ----D---- C:\Users\Lukáš\AppData\Roaming\vlc
2015-02-04 08:46:36 ----RD---- C:\Program Files (x86)
2015-02-03 20:31:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-02 11:51:30 ----RD---- C:\Program Files
2015-02-01 15:35:23 ----HD---- C:\ProgramData
2015-02-01 12:46:08 ----D---- C:\Windows\rescache
2015-02-01 12:42:35 ----D---- C:\Windows\system32\Tasks
2015-01-28 22:49:53 ----D---- C:\Program Files (x86)\ASUS
2015-01-28 11:27:21 ----RSD---- C:\Windows\assembly
2015-01-26 20:09:56 ----D---- C:\Users\Lukáš\AppData\Roaming\SPB_16.6
2015-01-26 19:20:29 ----SHD---- C:\System Volume Information
2015-01-26 19:20:29 ----D---- C:\Windows\Logs
2015-01-21 23:17:12 ----D---- C:\ProgramData\Oracle
2015-01-21 23:16:27 ----D---- C:\Program Files (x86)\Common Files
2015-01-21 23:16:12 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-21 23:16:08 ----D---- C:\Program Files (x86)\Java
2015-01-21 17:33:17 ----D---- C:\Program Files (x86)\ControlCenter4
2015-01-21 08:13:50 ----D---- C:\Windows\system32\NDF
2015-01-19 14:07:04 ----SD---- C:\Users\Lukáš\AppData\Roaming\Microsoft
2015-01-19 11:11:59 ----D---- C:\ProgramData\Microsoft Help
2015-01-19 11:11:09 ----RSD---- C:\Windows\Fonts
2015-01-19 11:11:05 ----D---- C:\Program Files\Common Files
2015-01-19 11:10:51 ----D---- C:\Program Files\Common Files\microsoft shared
2015-01-19 11:10:42 ----SD---- C:\ProgramData\Microsoft
2015-01-19 11:10:42 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-19 11:10:42 ----D---- C:\Program Files\Microsoft Office
2015-01-19 11:10:42 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-01-19 11:08:06 ----D---- C:\Windows\ShellNew
2015-01-16 00:41:19 ----D---- C:\Program Files (x86)\Google
2015-01-16 00:27:15 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-14 10:15:08 ----D---- C:\Windows\system32\MRT
2015-01-14 10:12:25 ----A---- C:\Windows\system32\MRT.exe
2015-01-10 17:19:08 ----D---- C:\ProgramData\Skype
2015-01-10 17:19:07 ----RD---- C:\Program Files (x86)\Skype
2015-01-10 09:07:47 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-01-10 09:07:47 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-01-10 09:07:47 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-01-10 09:07:47 ----A---- C:\Windows\system32\nvinitx.dll
2015-01-10 00:30:01 ----A---- C:\Windows\system32\nvsvc64.dll
2015-01-10 00:30:01 ----A---- C:\Windows\system32\nvcpl.dll
2015-01-10 00:29:53 ----A---- C:\Windows\system32\nvvsvc.exe
2015-01-10 00:29:53 ----A---- C:\Windows\system32\nvsvcr.dll
2015-01-10 00:29:52 ----A---- C:\Windows\system32\nvshext.dll
2015-01-10 00:29:52 ----A---- C:\Windows\system32\nvmctray.dll
2015-01-10 00:29:52 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-01-10 00:29:52 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-10 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-10 267632]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-01-10 31376]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-10 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-10 436624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-10 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-10 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-10 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-10 271752]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-14 3837440]
R3 ATP;@oem11.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2013-06-28 65784]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem2.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-01-08 3775928]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-10-20 454416]
R3 iwdbus;@oem6.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-11-04 27032]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-01-10 10274448]
R3 RSBASTOR;@oem10.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-10-08 298640]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\System32\drivers\serscan.sys [2014-10-29 11776]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 androidusb;@oem22.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-11-04 38296]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-10 50344]
R2 Cadence License Manager;Cadence License Manager; C:\Cadence\LicenseManager\lmgrd.exe [2013-03-06 1379664]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-01-08 319080]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-10 935056]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-01-30 5429520]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-10 4012248]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-06-05 266240]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-01-08 280680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16 107912]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Re: WMI Provider Host is using CPU

Posted: 09 Feb 2015 22:56
by Roli
Hello, WMI can be either a virus or a legitimate service that something just keeps waking up over and over.


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window will appear; in the top left, click Scan.

When the scan finishes, click Clean,

the PC will restart and the junk will be deleted.

After that, copy the Report here for me.


Finally, use Mbam from my signature and post its log here; do not delete anything beforehand!

Re: WMI Provider Host is using CPU

Posted: 09 Feb 2015 23:08
by lukbe
I use CCleaner fairly regularly, once a week / every 14 days.

By the way, the picture guide for Mbam unfortunately shows nothing, just "Click and discover imageshack".


Report from Adw:

# AdwCleaner v4.110 - Logfile created 09/02/2015 at 23:05:36
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Lukáš - LUKBE
# Running from : C:\Users\Lukáš\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
File Deleted : C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.111

[C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=4702f205-eeb3-47d5-b7d4-64f03a96a089&apn_ptnrs=T8&apn_sauid=BC4684F5-6E70-4574-A637-A8805A7B31CA&apn_dtid=YYYYYYYYCZ&q={searchTerms}
[C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=4702f205-eeb3-47d5-b7d4-64f03a96a089&apn_ptnrs=T8&apn_sauid=BC4684F5-6E70-4574-A637-A8805A7B31CA&apn_dtid=YYYYYYYYCZ&q={searchTerms}
[C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web

*************************

AdwCleaner[R1].txt - [1800 bytes] - [09/02/2015 23:03:41]
AdwCleaner[S1].txt - [1737 bytes] - [09/02/2015 23:05:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1796 bytes] ##########

Re: WMI Provider Host is using CPU

Posted: 10 Feb 2015 15:14
by lukbe
Here is the log from Mbam:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10. 2. 2015
Čas skenování: 15:08:07
Protokol:
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.10.07
Databáze rootkitů: v2015.02.03.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Lukáš

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 334935
Uplynulý čas: 6 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Re: WMI Provider Host is using CPU

Posted: 10 Feb 2015 17:59
by Roli
Run the Cure It scanner according to THIS guide

after the scan finishes, copy the results here for me - the end of the log with the summary is enough.

(Warning: it is absurdly slow and you need to keep an eye on it, it asks about something now and then)

Re: WMI Provider Host is using CPU

Posted: 10 Feb 2015 18:42
by lukbe
I hope this is it, since the current version does not match the version in the guide.

Total 7972420063 bytes in 25886 files scanned (33528 objects)
Total 25853 files (33487 objects) are clean
There are no infected objects detected
Total 41 files are raised error condition
Scan time is 00:06:20.996

Re: WMI Provider Host is using CPU

Posted: 11 Feb 2015 17:41
by Roli
Yes, that's it, so we're cleaned up. How is the PC behaving?

Re: WMI Provider Host is using CPU

Posted: 11 Feb 2015 18:08
by lukbe
The PC behaves with absolutely no problems; it's just that, as I wrote, the CPU usage of that one process, WMI provider host, keeps jumping around strangely.
I recorded a video here: https://onedrive.live.com/redir?resid=C ... ideo%2cmp4

Re: WMI Provider Host is using CPU

Posted: 11 Feb 2015 18:33
by Roli
lukbe wrote: the CPU usage of that one process, WMI provider host, keeps jumping around strangely.
This is perfectly fine; if some nasty were doing it, which you don't have there, it would be hovering around 30-40%.

Re: WMI Provider Host is using CPU

Posted: 11 Feb 2015 20:34
by lukbe
And do you have any idea what could be doing it?

Re: WMI Provider Host is using CPU

Posted: 12 Feb 2015 13:43
by Roli
lukbe wrote: And do you have any idea what could be doing it?
It could be anything: Skype, Steam, a system process, .......

HERE is a nice description of how to find out.

Re: WMI Provider Host is using CPU

Posted: 12 Feb 2015 20:33
by lukbe
So this is mostly what shows up there:

Informace o zprostředkovateli (ProviderInfo) pro ID operace skupiny (GroupOperationId) = 352; Operace (Operation) = Provider::CreateInstanceEnum - CIMWin32 : Win32_Process; ID hostitele (HostID) = 2776; Název zprostředkovatele (ProviderName) = CIMWin32; GUID zprostředkovatele (ProviderGuid) = {d63a5850-8f16-11cf-9f47-00aa00bf345c}; Cesta (Path) = %systemroot%\system32\wbem\cimwin32.dll
I'm trying to find some solution on the web, but I haven't found anything understandable....
What could be causing it?
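
An added example, not part of the original post: the Python below parses WMI-Activity ProviderInfo messages in both the localized layout pasted above and the English layout, tallies which provider, method and class are called most often, and lists providers whose DLL path lies outside %systemroot%\system32\wbem. The two English-layout messages, the ExampleProv provider and its path are constructed for illustration.

```python
import re
from collections import Counter

# Sample input. The first message is the one pasted in the post above
# (Czech-localized Windows). The other two are constructed, in the English
# layout; ExampleProv and its path are hypothetical.
SAMPLE_EVENTS = [
    r"Informace o zprostředkovateli (ProviderInfo) pro ID operace skupiny (GroupOperationId) = 352; Operace (Operation) = Provider::CreateInstanceEnum - CIMWin32 : Win32_Process; ID hostitele (HostID) = 2776; Název zprostředkovatele (ProviderName) = CIMWin32; GUID zprostředkovatele (ProviderGuid) = {d63a5850-8f16-11cf-9f47-00aa00bf345c}; Cesta (Path) = %systemroot%\system32\wbem\cimwin32.dll",
    r"ProviderInfo for GroupOperationId = 353; Operation = Provider::CreateInstanceEnum - CIMWin32 : Win32_Process; HostID = 2776; ProviderName = CIMWin32; ProviderGuid = {d63a5850-8f16-11cf-9f47-00aa00bf345c}; Path = %systemroot%\system32\wbem\cimwin32.dll",
    r"ProviderInfo for GroupOperationId = 354; Operation = Provider::ExecQuery - ExampleProv : select * from Example_Sensor where Id = 1; HostID = 4120; ProviderName = ExampleProv; ProviderGuid = {00000000-0000-0000-0000-000000000000}; Path = C:\ExampleVendor\exampleprov.dll",
]
OPERATION_RE = re.compile(r"Provider::(\w+) - (.+?) : (.+)")
SYSTEM_WBEM = "%systemroot%\\system32\\wbem\\"  # unexpanded form, as the event prints it


def parse_provider_info(message):
    """Return the message's fields keyed by their English names."""
    fields = {}
    for part in message.split("; "):
        label, sep, value = part.partition(" = ")  # first " = " only: WQL may contain more
        if not sep or not label.strip():
            continue
        # Localized builds print "translated label (EnglishName)";
        # English builds print the bare name as the last word of the label.
        names = re.findall(r"\((\w+)\)", label)
        fields[names[-1] if names else label.split()[-1]] = value.strip()
    match = OPERATION_RE.match(fields.get("Operation", ""))
    if match:
        fields["Method"], fields["Target"] = match.group(1), match.group(3)
    return fields


def summarize(messages):
    """Count calls per (provider, method, target); collect provider DLLs outside wbem."""
    counts, outside = Counter(), set()
    for fields in map(parse_provider_info, messages):
        if "ProviderName" not in fields:
            continue
        counts[(fields["ProviderName"], fields.get("Method"), fields.get("Target"))] += 1
        path = fields.get("Path", "")
        if not path.lower().startswith(SYSTEM_WBEM):
            outside.add((fields["ProviderName"], path))  # triage flag, not a verdict
    return counts, outside


if __name__ == "__main__":
    calls, outside_wbem = summarize(SAMPLE_EVENTS)
    for key, n in calls.most_common():
        print(n, key)
    print("providers outside wbem:", sorted(outside_wbem))
```

A provider outside the wbem directory is often a legitimate vendor component; the list only narrows down which DLLs to check for a valid signature and a known installer.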

Re: WMI Provider Host is using CPU

Posted: 13 Feb 2015 20:29
by Roli
lukbe wrote: What could be causing it?
The path points to a system process associated with the Framework; I wouldn't worry about it. If it were a virus, the CPU would be running in the tens of percent, as I already wrote.

Re: WMI Provider Host is using CPU

Posted: 15 Feb 2015 20:48
by lukbe
OK, I'll leave it then... Thank you very much for the advice and for checking the logs ...

:closed: