Requesting a preventive check

Posted: 12 Jun 2015 20:32
by KebiQ
Good evening, I suspect something is wrong: my browser is terribly slow, it sometimes freezes, and whenever I click on anything a billion ads pop up and it automatically opens ads. AdBlock doesn't help; if anything it makes it worse. Thank you for your understanding.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Win7 at 2015-06-12 21:26:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 159 GB (33%) free of 477 GB
Total RAM: 6142 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:26:53, on 12.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe
C:\Program Files (x86)\Cool getWeather\cool_getweather_helper_service.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Win7.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\Windows\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\Windows\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9834 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {7D29AE97-C35A-4E20-AC1E-B6261B2E45D4}
taskeng.exe {41A59FF3-B568-43D6-BBED-E57F6676A619}
"C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe" /rawdata=
"C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe" /rawdata=
"C:\Program Files (x86)\Cool getWeather\cool_getweather_helper_service.exe" /installationtime=1432845467 /AppName="Cool getWeather"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe" /rawdata=
C:\Windows\SysWOW64\nethtsrv.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\netupdsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
WLIDSvcM.exe 2556
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 80dd8e43-28e3-4e22-990c-27722e4adf3a 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "32466480390710283-14830595171893181930-9323799025058866441693780691236051132
\??\C:\Windows\system32\conhost.exe "351896112453643461761679494121692368121078664225430809401183080820-1160178182
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2576
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-af2b9927-4fcd-418e-bb7a-e0782c4e796f -SystemEventPortName:HostProcess-7c909b45-7bf1-41c8-9e90-d5dd11142ee2 -IoCancelEventPortName:HostProcess-ecec0ee2-6135-4684-a8e7-2e0d2b2db8d1 -NonStateChangingEventPortName:HostProcess-b145662d-8fef-4147-920b-d555bb7b09b6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ba048e66-9e50-435e-a8cf-1e6d8c05abc0 -DeviceGroupId:WpdFsGroup
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe" /runWithoutUpdating
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=renderer --disable-gpu --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=disable --disable-pepper-3d --disable-accelerated-compositing --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="5400.0.888542765\1113084842" /prefetch:673131151
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6764.0.2000958030\725851384" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44,53 --gpu-vendor-id=0x10de --gpu-device-id=0x1381 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5306 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6764.11.637046143\623566442" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

--font-cache-shared-mem-suffix=6764 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6764.47.915791387\718764406" /prefetch:673131151
"C:\Users\Win7\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AmiUpdXp.job - C:\Users\Win7\AppData\Local\32400\Updater.exe
C:\Windows\tasks\BYAIAMUF.job - C:\Users\Win7\AppData\Roaming\BYAIAMUF.exe /infocmdline=
C:\Windows\tasks\cool_getweather_helper_service.job - C:\Program Files (x86)\Cool getWeather\cool_getweather_helper_service.exe /installationtime=1432845467 /AppName="Cool getWeather"
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe /rawdata=
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-23 2754704]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-23 1571696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-07 169768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28787840]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"GalaxyClient"=C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [2015-05-28 7457336]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 4471536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-12 12:54:55 ----A---- C:\awh8046.tmp
2015-06-12 12:49:17 ----D---- C:\Windows\Minidump
2015-06-12 10:46:08 ----A---- C:\awh59A3.tmp
2015-06-11 10:22:43 ----A---- C:\awhE7FD.tmp
2015-06-10 11:28:08 ----A---- C:\awhCCA1.tmp
2015-06-09 21:58:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-09 21:58:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-09 21:58:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-09 21:58:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-09 21:58:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-09 21:58:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-09 21:58:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-09 21:58:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-09 21:58:06 ----A---- C:\Windows\system32\iernonce.dll
2015-06-09 21:58:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-09 21:58:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-09 21:58:06 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-09 21:58:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-09 21:58:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-09 21:58:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-09 21:58:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-09 21:58:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-09 21:58:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-09 21:58:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-09 21:58:04 ----A---- C:\Windows\system32\urlmon.dll
2015-06-09 21:58:04 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-09 21:58:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-09 21:58:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-09 21:58:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-09 21:58:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-09 21:58:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-09 21:58:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-09 21:58:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-09 21:58:03 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-09 21:58:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-09 21:58:03 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-09 21:58:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-09 21:58:02 ----A---- C:\Windows\system32\iesetup.dll
2015-06-09 21:58:02 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-09 21:58:01 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-09 21:58:01 ----A---- C:\Windows\system32\vbscript.dll
2015-06-09 21:58:01 ----A---- C:\Windows\system32\iertutil.dll
2015-06-09 21:58:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-09 21:58:00 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-09 21:58:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-09 21:58:00 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-09 21:58:00 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-09 21:57:59 ----A---- C:\Windows\system32\ieui.dll
2015-06-09 21:57:59 ----A---- C:\Windows\system32\ieframe.dll
2015-06-09 21:57:59 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-09 21:57:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-09 21:57:58 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-09 21:57:58 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-09 21:57:58 ----A---- C:\Windows\system32\jscript9.dll
2015-06-09 21:57:58 ----A---- C:\Windows\system32\jscript.dll
2015-06-09 21:57:57 ----A---- C:\Windows\system32\wininet.dll
2015-06-09 21:57:57 ----A---- C:\Windows\system32\msrating.dll
2015-06-09 21:57:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-09 21:57:56 ----A---- C:\Windows\system32\mshtml.dll
2015-06-09 21:57:38 ----A---- C:\Windows\system32\wmp.dll
2015-06-09 21:57:37 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-09 21:57:36 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-09 21:57:36 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-09 21:57:36 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-09 21:57:36 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-09 21:57:36 ----A---- C:\Windows\system32\spwmp.dll
2015-06-09 21:57:36 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\invagent.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\generaltel.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\devinv.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\appraiser.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\aepic.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\aepdu.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\aeinv.dll
2015-06-09 21:57:34 ----A---- C:\Windows\system32\acmigration.dll
2015-06-09 21:57:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-09 21:57:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-09 21:57:29 ----A---- C:\Windows\system32\kerberos.dll
2015-06-09 21:57:29 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-09 21:57:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-09 21:57:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-09 21:57:28 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-09 21:57:28 ----A---- C:\Windows\system32\kernel32.dll
2015-06-09 21:57:28 ----A---- C:\Windows\system32\advapi32.dll
2015-06-09 21:57:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-09 21:57:27 ----A---- C:\Windows\system32\ntdll.dll
2015-06-09 21:57:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-09 21:57:26 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-09 21:57:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-09 21:57:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-09 21:57:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-09 21:57:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-09 21:57:26 ----A---- C:\Windows\system32\wow64.dll
2015-06-09 21:57:26 ----A---- C:\Windows\system32\winsrv.dll
2015-06-09 21:57:26 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-09 21:57:26 ----A---- C:\Windows\system32\srcore.dll
2015-06-09 21:57:26 ----A---- C:\Windows\system32\schannel.dll
2015-06-09 21:57:26 ----A---- C:\Windows\system32\rstrui.exe
2015-06-09 21:57:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-09 21:57:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-09 21:57:26 ----A---- C:\Windows\system32\conhost.exe
2015-06-09 21:57:25 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-09 21:57:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-09 21:57:25 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-09 21:57:25 ----A---- C:\Windows\system32\wdigest.dll
2015-06-09 21:57:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-09 21:57:25 ----A---- C:\Windows\system32\tdh.dll
2015-06-09 21:57:25 ----A---- C:\Windows\system32\sspicli.dll
2015-06-09 21:57:25 ----A---- C:\Windows\system32\sechost.dll
2015-06-09 21:57:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-09 21:57:25 ----A---- C:\Windows\system32\logman.exe
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-09 21:57:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-09 21:57:24 ----A---- C:\Windows\system32\typeperf.exe
2015-06-09 21:57:24 ----A---- C:\Windows\system32\smss.exe
2015-06-09 21:57:24 ----A---- C:\Windows\system32\relog.exe
2015-06-09 21:57:24 ----A---- C:\Windows\system32\lsass.exe
2015-06-09 21:57:24 ----A---- C:\Windows\system32\auditpol.exe
2015-06-09 21:57:23 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-09 21:57:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-09 21:57:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-09 21:57:23 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-09 21:57:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-09 21:57:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-09 21:57:23 ----A---- C:\Windows\system32\srclient.dll
2015-06-09 21:57:23 ----A---- C:\Windows\system32\secur32.dll
2015-06-09 21:57:23 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-09 21:57:23 ----A---- C:\Windows\system32\diskperf.exe
2015-06-09 21:57:23 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-09 21:57:23 ----A---- C:\Windows\system32\credssp.dll
2015-06-09 21:57:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 21:57:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 21:57:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 21:57:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 21:57:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 21:57:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 21:57:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-09 21:57:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-09 21:57:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-09 21:57:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-09 21:57:22 ----A---- C:\Windows\system32\wow64win.dll
2015-06-09 21:57:22 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 21:57:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 21:57:21 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-09 21:57:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-09 21:57:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-09 21:57:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-09 21:57:21 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-09 21:57:21 ----A---- C:\Windows\system32\adtschema.dll
2015-06-09 21:57:20 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-09 21:57:20 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-09 21:57:20 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-09 21:57:20 ----A---- C:\Windows\system32\msobjs.dll
2015-06-09 21:57:20 ----A---- C:\Windows\system32\msaudite.dll
2015-06-09 21:56:48 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-09 21:56:48 ----A---- C:\Windows\system32\comctl32.dll
2015-06-09 21:56:46 ----A---- C:\Windows\system32\win32k.sys
2015-06-09 21:56:37 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-09 21:47:12 ----A---- C:\awh27CA.tmp
2015-06-08 11:03:04 ----A---- C:\awhA8BC.tmp
2015-06-07 01:07:45 ----A---- C:\awh4623.tmp
2015-06-06 10:56:13 ----A---- C:\awhB99E.tmp
2015-06-05 10:28:47 ----A---- C:\awh426C.tmp
2015-06-04 11:51:39 ----A---- C:\awhB17.tmp
2015-06-03 15:27:11 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-06-02 22:04:20 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-02 22:00:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-02 22:00:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-02 21:45:11 ----D---- C:\ProgramData\boost_interprocess
2015-06-02 21:45:06 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-02 21:45:06 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-01 22:47:03 ----D---- C:\rsit
2015-06-01 22:47:03 ----D---- C:\Program Files\trend micro
2015-05-28 22:37:46 ----D---- C:\Program Files (x86)\Cool getWeather
2015-05-28 22:32:04 ----D---- C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-05-28 22:32:01 ----A---- C:\Users\Win7\AppData\Roaming\BYAIAMUF.exe
2015-05-28 22:31:59 ----D---- C:\Program Files (x86)\globalUpdate
2015-05-28 22:31:49 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-05-28 22:31:38 ----D---- C:\Program Files (x86)\Seznam.cz
2015-05-28 22:31:25 ----D---- C:\Users\Win7\AppData\Roaming\Seznam.cz
2015-05-28 22:22:34 ----D---- C:\Program Files (x86)\Ubisoft
2015-05-28 22:17:01 ----D---- C:\Users\Win7\AppData\Roaming\DAEMON Tools Lite
2015-05-28 22:17:01 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-05-28 22:16:52 ----D---- C:\Program Files\DAEMON Tools Lite
2015-05-24 20:15:10 ----D---- C:\Users\Win7\AppData\Roaming\LolClient
2015-05-24 20:15:09 ----D---- C:\Users\Win7\AppData\Roaming\Macromedia
2015-05-24 18:04:56 ----D---- C:\ProgramData\Riot Games
2015-05-24 18:03:27 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-05-24 18:03:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-05-24 18:03:25 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-05-24 18:01:50 ----D---- C:\Program Files (x86)\Lol
2015-05-24 18:01:24 ----D---- C:\Users\Win7\AppData\Roaming\Riot Games
2015-05-24 02:10:26 ----D---- C:\Program Files (x86)\Life Is Strange
2015-05-23 23:55:02 ----D---- C:\Program Files (x86)\2K Games
2015-05-20 12:47:04 ----A---- C:\Windows\system32\drivers\nethfdrv.sys
2015-05-20 12:45:46 ----A---- C:\Windows\SYSWOW64\netupdsrv.exe
2015-05-20 12:45:24 ----A---- C:\Windows\SYSWOW64\installd.exe
2015-05-20 12:45:02 ----A---- C:\Windows\SYSWOW64\nethtsrv.exe
2015-05-20 12:44:26 ----A---- C:\Windows\SYSWOW64\hfnapi.dll
2015-05-20 12:43:54 ----A---- C:\Windows\SYSWOW64\hfpapi.dll
2015-05-20 11:52:52 ----D---- C:\Users\Win7\AppData\Roaming\NVIDIA
2015-05-20 11:47:01 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-05-20 11:47:01 ----A---- C:\Windows\system32\nvhdap64.dll
2015-05-20 11:47:01 ----A---- C:\Windows\system32\nvdispgenco6435286.dll
2015-05-20 11:47:01 ----A---- C:\Windows\system32\nvdispco6435286.dll
2015-05-20 11:47:01 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-05-20 11:19:43 ----D---- C:\ProgramData\GOG.com
2015-05-20 11:19:43 ----D---- C:\Program Files (x86)\GalaxyClient
2015-05-20 10:34:11 ----D---- C:\GOG Games
2015-05-17 16:33:00 ----D---- C:\Users\Win7\AppData\Roaming\Apple Computer
2015-05-17 16:32:52 ----DC---- C:\Windows\system32\DRVSTORE
2015-05-17 16:32:52 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2015-05-17 16:32:13 ----D---- C:\Program Files\iPod
2015-05-17 16:32:13 ----D---- C:\Program Files (x86)\iTunes
2015-05-17 16:32:12 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-17 16:32:12 ----D---- C:\ProgramData\Apple Computer
2015-05-17 16:32:12 ----D---- C:\Program Files\iTunes
2015-05-17 16:31:00 ----D---- C:\Program Files (x86)\Apple Software Update
2015-05-17 16:30:11 ----D---- C:\Program Files\Common Files\Apple
2015-05-17 16:29:55 ----D---- C:\ProgramData\Apple
2015-05-16 22:38:58 ----D---- C:\Program Files\CCleaner
2015-05-16 18:13:19 ----D---- C:\Program Files (x86)\Total War Shogun 2
2015-05-14 21:26:46 ----D---- C:\ProgramData\Package Cache
2015-05-14 00:46:36 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 00:46:36 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:15:46 ----D---- C:\Users\Win7\AppData\Roaming\dvdcss
2015-05-13 08:11:45 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 08:11:45 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 08:06:37 ----A---- C:\Windows\system32\services.exe
2015-05-13 08:05:54 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 08:05:54 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 08:05:54 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 08:05:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 08:05:49 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 08:05:49 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 08:05:47 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 08:05:47 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 08:05:44 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 08:05:43 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 08:05:39 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 08:05:39 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 08:05:39 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-13 08:05:38 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 08:05:38 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 08:05:38 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 08:05:38 ----A---- C:\Windows\system32\sdbinst.exe

======List of files/folders modified in the last 1 month======

2015-06-12 21:26:50 ----D---- C:\Windows\Temp
2015-06-12 17:06:11 ----D---- C:\Users\Win7\AppData\Roaming\vlc
2015-06-12 14:46:36 ----D---- C:\Program Files (x86)\Rockstar Games
2015-06-12 14:46:27 ----D---- C:\Program Files\Rockstar Games
2015-06-12 12:53:10 ----D---- C:\Users\Win7\AppData\Roaming\Skype
2015-06-12 12:53:09 ----D---- C:\Program Files (x86)\Steam
2015-06-12 12:51:24 ----D---- C:\Windows\Prefetch
2015-06-12 12:49:19 ----D---- C:\ProgramData\NVIDIA
2015-06-12 12:49:17 ----D---- C:\Windows
2015-06-12 10:44:50 ----D---- C:\Windows\system32\config
2015-06-11 15:09:03 ----D---- C:\Users\Win7\AppData\Roaming\TS3Client
2015-06-11 10:39:31 ----SD---- C:\Users\Win7\AppData\Roaming\Microsoft
2015-06-10 18:08:45 ----SHD---- C:\Windows\Installer
2015-06-10 18:08:25 ----D---- C:\ProgramData\Skype
2015-06-10 11:29:22 ----D---- C:\Windows\System32
2015-06-10 11:29:22 ----D---- C:\Windows\inf
2015-06-10 11:29:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-10 11:23:22 ----D---- C:\Windows\winsxs
2015-06-10 11:20:43 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-10 11:20:42 ----SD---- C:\Windows\system32\CompatTel
2015-06-10 11:20:42 ----D---- C:\Windows\SysWOW64
2015-06-10 11:20:42 ----D---- C:\Windows\system32\appraiser
2015-06-10 11:20:42 ----D---- C:\Windows\AppPatch
2015-06-10 11:20:42 ----D---- C:\Program Files\Windows Media Player
2015-06-10 11:20:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-10 11:20:40 ----D---- C:\Windows\system32\cs-CZ
2015-06-10 11:20:39 ----D---- C:\Windows\system32\drivers
2015-06-10 11:20:35 ----D---- C:\Program Files\Internet Explorer
2015-06-10 11:20:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-10 11:20:34 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 11:20:33 ----D---- C:\Windows\system32\en-US
2015-06-10 11:20:32 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 01:21:24 ----D---- C:\Windows\system32\MRT
2015-06-10 01:17:54 ----D---- C:\Windows\debug
2015-06-10 01:17:46 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 01:16:30 ----SHD---- C:\System Volume Information
2015-06-09 21:52:56 ----D---- C:\Windows\system32\catroot2
2015-06-04 11:45:35 ----D---- C:\Windows\Microsoft.NET
2015-06-04 11:41:17 ----D---- C:\Program Files (x86)\Common Files
2015-06-03 15:27:15 ----RSD---- C:\Windows\assembly
2015-06-03 15:27:11 ----RD---- C:\Program Files (x86)
2015-06-02 22:04:48 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-02 22:04:13 ----D---- C:\Windows\system32\DriverStore
2015-06-02 21:45:11 ----HD---- C:\ProgramData
2015-06-01 22:47:03 ----RD---- C:\Program Files
2015-05-29 00:12:13 ----D---- C:\Windows\Tasks
2015-05-29 00:06:06 ----D---- C:\Program Files (x86)\Google
2015-05-29 00:06:02 ----D---- C:\Windows\system32\Tasks
2015-05-28 23:03:17 ----D---- C:\Users\Win7\AppData\Roaming\BitTorrent
2015-05-28 22:22:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-28 22:15:38 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-05-28 22:07:21 ----D---- C:\Windows\system32\catroot
2015-05-28 22:06:23 ----D---- C:\Users\Win7\AppData\Roaming\DAEMON Tools Pro
2015-05-28 11:13:55 ----D---- C:\Windows\Logs
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\OpenCL.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvapi64.dll
2015-05-28 06:15:30 ----A---- C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvshext.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvmctray.dll
2015-05-28 06:15:28 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-25 12:01:01 ----RD---- C:\Program Files (x86)\Skype
2015-05-23 03:47:15 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-05-23 03:47:15 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-05-23 03:47:06 ----A---- C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47:06 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-05-20 15:08:54 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-20 15:08:54 ----SD---- C:\Windows\system32\GWX
2015-05-20 11:48:31 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-18 17:03:53 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-17 16:30:11 ----D---- C:\Program Files\Common Files
2015-05-16 22:41:32 ----D---- C:\Windows\Panther
2015-05-16 18:34:02 ----D---- C:\Users\Win7\AppData\Roaming\The Creative Assembly
2015-05-16 10:44:42 ----D---- C:\Windows\rescache
2015-05-15 22:40:20 ----D---- C:\Users\Win7\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2015-05-14 13:36:09 ----D---- C:\ProgramData\Adobe
2015-05-14 13:35:25 ----D---- C:\Users\Win7\AppData\Roaming\Adobe
2015-05-14 10:36:29 ----D---- C:\Program Files\Windows Journal
2015-05-14 10:36:28 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-14 00:52:36 ----D---- C:\Program Files\Microsoft Security Client
2015-05-14 00:52:36 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-05-13 08:52:35 ----A---- C:\Windows\system32\nvhdagenco6420103.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2015-05-20 46160]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-05-28 30264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-13 195912]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-23 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-23 1152656]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NetHttpService;Network HTTP Support Service; C:\Windows\SysWOW64\nethtsrv.exe [2015-05-20 338944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-23 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-23 23006864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-05-04 76888]
R2 ServiceUpdater;Network Support Service Updater; C:\Windows\SysWOW64\netupdsrv.exe [2015-05-20 190464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1272560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-07 643880]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-05-28 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2015-05-28 1751096]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2015-06-03 6666808]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-05-28 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-20 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: Request for a preventive check

Posted: 12 Jun 2015 20:37
by vyosek
Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, ideally to the desktop
  • Close all programs
  • After it starts, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; it may also be saved at c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here

Re: Request for a preventive check

Posted: 12 Jun 2015 20:49
by KebiQ
Here is the log


# AdwCleaner v4.206 - Log vytvořen 12/06/2015 v 21:43:28
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-09.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Win7 - WIN7-PC
# Spuštěno z : C:\Users\Win7\Desktop\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : globalUpdate
[#] Služba Smazáno : globalUpdatem
Služba Smazáno : nethfdrv
[#] Služba Smazáno : NethxxpService
[#] Služba Smazáno : ServiceUpdater

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\Cool getWeather
Složka Smazáno : C:\Program Files (x86)\CinemaP-1.9cV16.03
Složka Smazáno : C:\Users\Win7\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Win7\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb
Soubor Smazáno : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
Soubor Smazáno : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
Soubor Smazáno : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
Soubor Smazáno : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb
Soubor Smazáno : C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
Soubor Smazáno : C:\Windows\SysWOW64\hfnapi.dll
Soubor Smazáno : C:\Windows\SysWOW64\hfpapi.dll
Soubor Smazáno : C:\Windows\SysWOW64\installd.exe
Soubor Smazáno : C:\Windows\SysWOW64\nethtsrv.exe
Soubor Smazáno : C:\Windows\SysWOW64\netupdsrv.exe
Soubor Smazáno : C:\Windows\System32\drivers\nethfdrv.sys
Soubor Smazáno : C:\Users\Win7\AppData\Roaming\BYAIAMUF
Soubor Smazáno : C:\Users\Win7\AppData\Roaming\BYAIAMUF.exe

***** [ Naplánované úlohy ] *****

Úloha Smazáno : AmiUpdXp
Úloha Smazáno : globalUpdateUpdateTaskMachineCore
Úloha Smazáno : globalUpdateUpdateTaskMachineUA
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
Úloha Smazáno : BYAIAMUF
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-3
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-6
Úloha Smazáno : e653cf25-f107-4cbe-b8d1-5dadaea354f2-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SOFTWARE\156eacdc-6be3-484e-958c-b1950c01381c
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\CinemaP-1.9cV16.03
Klíč Smazáno : HKCU\Software\CinemaP-1.9cV16.03-nv
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\CinemaP-1.9cV16.03
Klíč Smazáno : HKLM\SOFTWARE\CinemaP-1.9cV16.03-nv
Klíč Smazáno : HKU\.DEFAULT\Software\CinemaP-1.9cV16.03-nv
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.124

[C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.smartshopping.com/websearch1 ... earchTerms}

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [9907 bytů] - [12/06/2015 21:42:13]
AdwCleaner[S0].txt - [8834 bytů] - [12/06/2015 21:43:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8892 bytů] ##########

Re: Request for a preventive check

Posted: 12 Jun 2015 20:51
by vyosek
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako spravce in the Czech interface)
  • Paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: Request for a preventive check

Posted: 12 Jun 2015 21:12
by KebiQ
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Win7 on p  12.06.2015 at 21:57:12,36.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Win7\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.6.2015 21:58:40 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\Riot Games deleted successfully
C:\Users\Win7\AppData\Roaming\BitTorrent deleted successfully
C:\Users\Win7\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Win7\AppData\Local\EmieSiteList deleted successfully
C:\Users\Win7\AppData\Local\EmieUserList deleted successfully
C:\Users\Win7\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Seznam.cz not found
C:\Users\Win7\AppData\Local\32400 deleted
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\awh27CA.tmp deleted
C:\awh426C.tmp deleted
C:\awh4623.tmp deleted
C:\awh59A3.tmp deleted
C:\awh8046.tmp deleted
C:\awhA8BC.tmp deleted
C:\awhB17.tmp deleted
C:\awhB99E.tmp deleted
C:\awhCCA1.tmp deleted
C:\awhE7FD.tmp deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01.05.2015 11:17]

Seznam Lištička - Email - Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Cool getWeather - Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\emdmlkgfcploenkbkhgoibipkpkmbnoh
hclgegipaehbigmbhdpfapmjadbaldib - Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib
Skype Click to Call - Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Rychlá volba - Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Chromium Startpages ======================

C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Chromium Fix ======================

C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.smartshopping.com_0.localstorage deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.smartshopping.com_0.localstorage-journal deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.trololol.cz_0.localstorage deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.trololol.cz_0.localstorage-journal deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dealsboss.co_0.localstorage deleted successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dealsboss.co_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=56 folders=34 31246738 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Win7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Win7\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on p  12.06.2015 at 22:09:34,01 ======================

Re: Request for a preventive check

Posted: 12 Jun 2015 21:14
by vyosek

Re: Request for a preventive check

Posted: 12 Jun 2015 21:22
by KebiQ
After clicking the link to download the relevant launcher, it tells me that the web page contains potentially harmful content, and the only option it offers is to go back one page.

Re: Request for a preventive check

Posted: 12 Jun 2015 21:26
by vyosek
Then just run FRST on its own, without the launcher.

Re: Request for a preventive check

Posted: 12 Jun 2015 21:33
by KebiQ
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Win7 (administrator) on WIN7-PC on 12-06-2015 22:31:06
Running from C:\Users\Win7\Desktop
Loaded Profiles: Win7 (Available Profiles: Win7)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7457336 2015-05-28] (GOG.com)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\MountPoints2: {394543d1-0571-11e5-9e7e-00241dcdb3d5} - F:\autorun.exe
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\MountPoints2: {7e8769b0-f320-11e4-9b66-00241dcdb3d5} - F:\autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2602774305-1385625029-2453676051-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-20]
CHR Extension: (Google Docs) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-20]
CHR Extension: (Google Drive) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-20]
CHR Extension: (YouTube) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-20]
CHR Extension: (Google Search) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-20]
CHR Extension: (Google Sheets) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-20]
CHR Extension: (Skype Click to Call) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-11]
CHR Extension: (Google Wallet) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-20]
CHR Extension: (Gmail) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1751096 2015-05-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6666808 2015-06-03] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-04] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-05-28] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 22:31 - 2015-06-12 22:31 - 00013211 _____ C:\Users\Win7\Desktop\FRST.txt
2015-06-12 22:31 - 2015-06-12 22:31 - 00000000 ____D C:\FRST
2015-06-12 22:19 - 2015-06-12 22:19 - 02108928 _____ (Farbar) C:\Users\Win7\Desktop\FRST64.exe
2015-06-12 22:07 - 2015-06-12 21:57 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-12 21:58 - 2015-06-12 22:09 - 00012624 _____ C:\zoek-results.log
2015-06-12 21:57 - 2015-06-12 22:08 - 00000000 ____D C:\zoek_backup
2015-06-12 21:54 - 2015-06-12 21:55 - 01308672 _____ C:\Users\Win7\Desktop\zoek.exe
2015-06-12 21:42 - 2015-06-12 21:43 - 00000000 ____D C:\AdwCleaner
2015-06-12 21:41 - 2015-06-12 21:41 - 02231296 _____ C:\Users\Win7\Desktop\adwcleaner_4.206.exe
2015-06-12 12:49 - 2015-06-12 12:49 - 506744299 _____ C:\Windows\MEMORY.DMP
2015-06-12 12:49 - 2015-06-12 12:49 - 00329064 _____ C:\Windows\Minidump\061215-22105-01.dmp
2015-06-12 12:49 - 2015-06-12 12:49 - 00000000 ____D C:\Windows\Minidump
2015-06-09 21:58 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 21:58 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 21:58 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 21:58 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-09 21:58 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 21:58 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-09 21:58 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-09 21:58 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 21:58 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-09 21:58 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 21:58 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-09 21:58 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-09 21:58 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-09 21:58 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 21:58 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-09 21:58 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 21:58 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-09 21:58 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-09 21:58 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-09 21:58 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 21:58 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 21:58 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 21:58 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 21:58 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 21:58 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-09 21:58 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 21:58 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 21:58 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 21:58 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 21:58 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-09 21:58 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-09 21:58 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-09 21:58 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 21:58 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 21:58 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-09 21:58 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-09 21:58 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-09 21:58 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-09 21:58 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-09 21:58 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-09 21:58 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-09 21:58 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 21:58 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-09 21:58 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 21:58 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 21:58 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 21:58 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 21:57 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 21:57 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-09 21:57 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-09 21:57 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-09 21:57 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-09 21:57 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-09 21:57 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-09 21:57 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-09 21:57 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-09 21:57 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-09 21:57 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-09 21:57 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-09 21:57 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-09 21:57 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-09 21:57 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-09 21:57 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-09 21:57 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-09 21:57 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-09 21:57 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-09 21:57 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-09 21:57 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-09 21:57 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-09 21:57 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-09 21:57 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-09 21:57 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-09 21:57 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-09 21:57 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-09 21:57 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-09 21:57 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 21:57 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-09 21:57 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-09 21:57 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 21:57 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-09 21:57 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 21:57 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-09 21:57 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 21:57 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 21:57 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 21:57 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 21:57 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-09 21:57 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-09 21:57 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 21:57 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 21:57 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 21:57 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 21:57 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 21:57 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 21:57 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 21:57 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 21:57 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-09 21:57 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 21:57 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 21:57 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 21:57 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-09 21:57 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-09 21:57 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-09 21:57 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-09 21:57 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-09 21:57 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-09 21:57 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-09 21:57 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-09 21:57 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-09 21:57 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-09 21:56 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 21:56 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 21:56 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 21:56 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-08 13:39 - 2015-06-08 14:06 - 493695894 _____ C:\Users\Win7\Downloads\Game-of-Thrones-S05E09-CZ-titulky-v-obraze.mkv
2015-06-03 15:27 - 2015-06-03 15:27 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-03 14:57 - 2015-06-03 14:57 - 00304320 _____ (Random-Logic) C:\Users\Win7\Downloads\Nepotvrzeno 306102.crdownload
2015-06-02 22:04 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-02 22:00 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-02 22:00 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-02 22:00 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-02 21:45 - 2015-06-02 21:45 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-02 21:45 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-02 21:45 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 22:47 - 2015-06-12 21:26 - 00000000 ____D C:\rsit
2015-06-01 22:47 - 2015-06-12 21:26 - 00000000 ____D C:\Program Files\trend micro
2015-06-01 22:46 - 2015-06-01 22:46 - 01222144 _____ C:\Users\Win7\Downloads\RSITx64.exe
2015-06-01 15:58 - 2015-06-01 16:10 - 209715204 _____ C:\Users\Win7\Downloads\The.Settlers.7-Razor1911.CZ.part01.rar
2015-06-01 12:29 - 2015-06-01 12:29 - 00000000 ____D C:\Users\Win7\AppData\Local\GWX
2015-05-29 14:41 - 2015-06-12 22:08 - 00001882 _____ C:\Windows\PFRO.log
2015-05-29 00:06 - 2015-06-12 22:17 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 00:06 - 2015-06-12 22:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 00:06 - 2015-06-10 12:19 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-29 00:06 - 2015-05-29 00:12 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-29 00:06 - 2015-05-29 00:12 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-29 00:06 - 2015-05-29 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-29 00:05 - 2015-05-29 00:05 - 43251280 _____ (Google Inc.) C:\Users\Win7\Downloads\ChromeStandaloneSetup.exe
2015-05-28 23:31 - 2015-06-12 12:49 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-28 22:37 - 2015-06-12 22:09 - 00000530 _____ C:\Windows\Tasks\cool_getweather_helper_service.job
2015-05-28 22:37 - 2015-05-28 22:37 - 00003482 _____ C:\Windows\System32\Tasks\cool_getweather_helper_service
2015-05-28 22:31 - 2015-05-28 23:03 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Seznam.cz
2015-05-28 22:22 - 2015-05-28 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-28 22:22 - 2015-05-28 22:22 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-05-28 22:17 - 2015-05-28 22:22 - 00000000 ____D C:\Users\Win7\AppData\Roaming\DAEMON Tools Lite
2015-05-28 22:17 - 2015-05-28 22:21 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-05-28 22:17 - 2015-05-28 22:17 - 00001773 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-05-28 22:17 - 2015-05-28 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-05-28 22:16 - 2015-05-28 22:17 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-05-28 21:39 - 2015-06-12 22:09 - 00003902 _____ C:\Windows\setupact.log
2015-05-28 21:39 - 2015-05-28 21:39 - 00000000 _____ C:\Windows\setuperr.log
2015-05-27 13:22 - 2015-06-03 20:54 - 00000000 ____D C:\Users\Win7\AppData\Local\GalaxyCommunicationService
2015-05-27 11:49 - 2015-05-27 17:10 - 1451819008 _____ C:\Users\Win7\Downloads\Life-is-Strange-Episode-3---Chaos-Theory-CODEX.iso
2015-05-24 20:15 - 2015-05-24 20:15 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Macromedia
2015-05-24 20:15 - 2015-05-24 20:15 - 00000000 ____D C:\Users\Win7\AppData\Roaming\LolClient
2015-05-24 18:03 - 2015-05-24 18:03 - 00001658 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-05-24 18:03 - 2015-05-24 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-05-24 18:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-24 18:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-24 18:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-24 18:01 - 2015-05-24 20:16 - 00000000 ____D C:\Program Files (x86)\Lol
2015-05-24 18:01 - 2015-05-24 18:03 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Riot Games
2015-05-24 18:00 - 2015-05-24 18:00 - 30993712 _____ (Riot Games) C:\Users\Win7\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe
2015-05-24 12:02 - 2015-05-24 15:23 - 3599499264 _____ C:\Users\Win7\Downloads\Life-Is-Strange-Episode.2-CODEX.iso
2015-05-24 02:19 - 2015-05-24 02:19 - 00000000 ____D C:\Users\Win7\AppData\Local\EMU
2015-05-24 02:10 - 2015-05-24 02:12 - 00000000 ____D C:\Program Files (x86)\Life Is Strange
2015-05-24 00:06 - 2015-05-24 00:06 - 00000000 ____D C:\Users\Win7\AppData\Local\2K Games
2015-05-24 00:03 - 2015-05-24 00:03 - 00002062 _____ C:\Users\Win7\Desktop\MAFIA II .lnk
2015-05-23 23:55 - 2015-05-23 23:55 - 00000000 ____D C:\Program Files (x86)\2K Games
2015-05-21 23:04 - 2015-05-22 01:10 - 2271134291 _____ C:\Users\Win7\Downloads\NOVINKA_RYCHLE-A-ZBĚSILE-7_Fast-and-Furious-7_2015_CZ_tit.mp4
2015-05-21 22:29 - 2015-05-21 23:02 - 585035131 _____ C:\Users\Win7\Downloads\Grand-Theft-Auto-V-(GTA-5-PC-SKIDROW-3DM)-[Update-5-V1.0.350.2-&-Crack-V4-2015-05-01]-[JohnyHD].zip
2015-05-21 11:10 - 2015-05-21 11:10 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-05-21 11:10 - 2015-05-21 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-20 11:52 - 2015-06-10 12:25 - 00000000 ____D C:\Users\Win7\Documents\The Witcher 3
2015-05-20 11:52 - 2015-05-20 11:52 - 00000000 ____D C:\Users\Win7\AppData\Roaming\NVIDIA
2015-05-20 11:47 - 2015-05-28 09:04 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-20 11:47 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-20 11:47 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-20 11:47 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-20 11:47 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-20 11:31 - 2015-05-20 11:42 - 290481224 _____ (NVIDIA Corporation) C:\Users\Win7\Downloads\352.86-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-05-20 11:19 - 2015-06-10 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-20 11:19 - 2015-05-20 11:19 - 00001059 _____ C:\Users\Public\Desktop\The Witcher 3.lnk
2015-05-20 11:19 - 2015-05-20 11:19 - 00000000 ____D C:\ProgramData\GOG.com
2015-05-20 11:19 - 2015-05-20 11:19 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2015-05-20 10:34 - 2015-05-27 13:27 - 00000000 ____D C:\GOG Games
2015-05-18 17:03 - 2015-05-18 17:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-05-17 16:33 - 2015-05-17 16:40 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Apple Computer
2015-05-17 16:33 - 2015-05-17 16:33 - 00000000 ____D C:\Users\Win7\AppData\Local\Apple Computer
2015-05-17 16:32 - 2015-05-17 16:32 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D C:\ProgramData\Apple Computer
2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D C:\Program Files\iTunes
2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D C:\Program Files\iPod
2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-05-17 16:32 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-17 16:31 - 2015-05-17 16:31 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D C:\Users\Win7\AppData\Local\Apple
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-05-17 16:30 - 2015-05-17 16:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-05-17 16:29 - 2015-05-17 16:30 - 00000000 ____D C:\ProgramData\Apple
2015-05-16 22:39 - 2015-05-16 22:39 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-16 22:39 - 2015-05-16 22:39 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-16 22:39 - 2015-05-16 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-16 22:38 - 2015-05-16 22:39 - 00000000 ____D C:\Program Files\CCleaner
2015-05-16 22:30 - 2015-05-16 22:31 - 06484352 _____ (Piriform Ltd) C:\Users\Win7\Downloads\ccsetup505.exe
2015-05-16 18:37 - 2015-05-16 18:37 - 00000000 ____D C:\Users\Win7\AppData\Local\Chromium
2015-05-16 18:33 - 2015-05-16 18:33 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2015-05-16 18:13 - 2015-05-16 18:30 - 00000000 ____D C:\Program Files (x86)\Total War Shogun 2
2015-05-14 13:35 - 2015-05-14 13:35 - 00000000 ____D C:\Users\Win7\AppData\Local\Adobe
2015-05-14 00:46 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 00:46 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:15 - 2015-05-13 13:15 - 00000000 ____D C:\Users\Win7\AppData\Roaming\dvdcss
2015-05-13 11:56 - 2015-05-13 14:53 - 3171593702 _____ C:\Users\Win7\Downloads\Rychle-a-zběsile-6-cz.avi
2015-05-13 08:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 08:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:06 - 2015-05-13 10:21 - 2433251732 _____ C:\Users\Win7\Downloads\Rychle-a-zběsile-4-(2009).avi
2015-05-13 08:06 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:05 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:05 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:05 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 08:05 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 08:05 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 08:05 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 08:05 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 08:05 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 08:05 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 08:05 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 08:05 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 08:05 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 08:05 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 08:05 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:05 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:05 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 08:05 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 22:28 - 2015-05-11 19:33 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Skype
2015-06-12 22:17 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 22:17 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 22:13 - 2015-04-20 08:13 - 01692099 _____ C:\Windows\WindowsUpdate.log
2015-06-12 22:09 - 2015-05-05 15:17 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-12 22:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-12 22:08 - 2015-04-20 09:53 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 17:06 - 2015-04-20 14:28 - 00000000 ____D C:\Users\Win7\AppData\Roaming\vlc
2015-06-12 14:49 - 2015-05-10 18:05 - 00002206 _____ C:\Users\Win7\Desktop\Grand Theft Auto V.lnk
2015-06-12 14:49 - 2015-05-10 18:05 - 00000080 _____ C:\Users\Win7\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-12 14:46 - 2015-05-10 18:06 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-12 14:46 - 2015-05-04 22:56 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-11 15:09 - 2015-05-11 20:27 - 00000000 ____D C:\Users\Win7\AppData\Roaming\TS3Client
2015-06-10 18:08 - 2015-05-11 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-06-10 11:29 - 2010-11-21 11:27 - 00668138 _____ C:\Windows\system32\perfh005.dat
2015-06-10 11:29 - 2010-11-21 11:27 - 00140798 _____ C:\Windows\system32\perfc005.dat
2015-06-10 11:29 - 2009-07-14 07:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-10 11:22 - 2009-07-14 06:45 - 00294136 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 11:20 - 2015-04-20 11:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 11:20 - 2015-04-20 11:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 11:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 01:21 - 2015-04-20 10:03 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 01:17 - 2015-04-20 10:03 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-04 12:10 - 2015-05-11 20:26 - 00000000 ____D C:\Users\Win7\AppData\Local\TeamSpeak 3 Client
2015-06-02 22:04 - 2015-05-10 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-02 22:04 - 2015-04-20 09:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-02 21:46 - 2015-05-10 23:45 - 00000000 ____D C:\Users\Win7\AppData\Local\NVIDIA Corporation
2015-06-02 21:46 - 2015-04-20 11:47 - 00000000 ____D C:\Users\Win7\AppData\Local\NVIDIA
2015-05-29 00:06 - 2015-04-20 14:30 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-28 22:22 - 2015-05-04 22:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-28 22:15 - 2015-05-05 14:26 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-05-28 22:06 - 2015-05-05 14:40 - 00000000 ____D C:\Users\Win7\AppData\Roaming\DAEMON Tools Pro
2015-05-28 09:04 - 2015-05-10 23:41 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2015-04-20 09:52 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-28 09:04 - 2015-04-20 09:52 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-28 09:04 - 2015-02-20 01:18 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2015-02-20 01:18 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-28 09:04 - 2015-02-20 01:18 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-28 09:04 - 2015-02-20 01:18 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2015-04-20 09:52 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2015-04-20 09:52 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2015-04-20 09:52 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2015-04-20 09:52 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2015-04-20 09:52 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2015-04-20 09:52 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2015-04-20 09:52 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-25 12:01 - 2015-05-11 19:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-24 02:16 - 2015-05-06 17:31 - 00000000 ____D C:\Users\Win7\Documents\My Games
2015-05-24 00:06 - 2015-05-06 14:18 - 00000000 ____D C:\Users\Win7\AppData\Local\SKIDROW
2015-05-23 03:47 - 2015-05-10 23:45 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-05-10 23:45 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-05-10 23:45 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-05-10 23:45 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-20 15:08 - 2015-04-20 11:30 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 15:08 - 2015-04-20 11:30 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 11:48 - 2015-04-20 09:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-20 11:22 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-17 13:25 - 2015-05-09 17:35 - 00000000 ____D C:\Users\Win7\AppData\Local\dxhr
2015-05-16 22:41 - 2015-04-20 09:06 - 00000000 ____D C:\Windows\Panther
2015-05-16 10:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-15 22:40 - 2015-05-06 19:29 - 00000000 ____D C:\Users\Win7\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2015-05-14 14:00 - 2015-04-20 14:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 13:36 - 2015-04-20 14:31 - 00000000 ____D C:\ProgramData\Adobe
2015-05-14 13:35 - 2015-04-20 11:47 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Adobe
2015-05-14 10:36 - 2010-11-21 11:38 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 10:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 00:53 - 2015-04-20 14:38 - 00001912 _____ C:\Windows\epplauncher.mif
2015-05-14 00:52 - 2015-04-20 14:38 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-14 00:52 - 2015-04-20 14:37 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-05-14 00:52 - 2015-04-20 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-05-13 08:52 - 2015-02-20 01:18 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 11:44

==================== End of log ============================

Re: Request for a preventive check

Posted: 12 Jun 2015 21:39
by vyosek
:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
    HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
    HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
    HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\MountPoints2: {394543d1-0571-11e5-9e7e-00241dcdb3d5} - F:\autorun.exe
    HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\MountPoints2: {7e8769b0-f320-11e4-9b66-00241dcdb3d5} - F:\autorun.exe
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    
    CHR Extension: (Skype Click to Call) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-11]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
    
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
    R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
    R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
    
    C:\Program Files (x86)\Skype\Toolbars
    C:\Program Files (x86)\AVG
    2015-06-12 22:31 - 2015-06-12 22:31 - 00013211 _____ C:\Users\Win7\Desktop\FRST.txt
    2015-06-12 22:07 - 2015-06-12 21:57 - 00024064 _____ C:\Windows\zoek-delete.exe
    2015-06-12 21:58 - 2015-06-12 22:09 - 00012624 _____ C:\zoek-results.log
    2015-06-12 21:57 - 2015-06-12 22:08 - 00000000 ____D C:\zoek_backup
    2015-06-12 21:54 - 2015-06-12 21:55 - 01308672 _____ C:\Users\Win7\Desktop\zoek.exe
    2015-06-12 21:42 - 2015-06-12 21:43 - 00000000 ____D C:\AdwCleaner
    2015-06-12 21:41 - 2015-06-12 21:41 - 02231296 _____ C:\Users\Win7\Desktop\adwcleaner_4.206.exe
    2015-06-01 22:47 - 2015-06-12 21:26 - 00000000 ____D C:\rsit
    2015-06-01 22:47 - 2015-06-12 21:26 - 00000000 ____D C:\Program Files\trend micro
    2015-06-01 22:46 - 2015-06-01 22:46 - 01222144 _____ C:\Users\Win7\Downloads\RSITx64.exe
    
    2015-05-29 00:06 - 2015-06-12 22:17 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-29 00:06 - 2015-06-12 22:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-28 22:37 - 2015-06-12 22:09 - 00000530 _____ C:\Windows\Tasks\cool_getweather_helper_service.job
    2015-05-28 22:37 - 2015-05-28 22:37 - 00003482 _____ C:\Windows\System32\Tasks\cool_getweather_helper_service
    2015-06-12 14:49 - 2015-05-10 18:05 - 00000080 _____ C:\Users\Win7\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Request for a preventive check

Posted: 12 Jun 2015 21:47
by KebiQ
Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Win7 at 2015-06-12 22:43:29 Run:1
Running from C:\Users\Win7\Desktop
Loaded Profiles: Win7 (Available Profiles: Win7)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\MountPoints2: {394543d1-0571-11e5-9e7e-00241dcdb3d5} - F:\autorun.exe
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\...\MountPoints2: {7e8769b0-f320-11e4-9b66-00241dcdb3d5} - F:\autorun.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

CHR Extension: (Skype Click to Call) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)

C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\AVG
2015-06-12 22:31 - 2015-06-12 22:31 - 00013211 _____ C:\Users\Win7\Desktop\FRST.txt
2015-06-12 22:07 - 2015-06-12 21:57 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-12 21:58 - 2015-06-12 22:09 - 00012624 _____ C:\zoek-results.log
2015-06-12 21:57 - 2015-06-12 22:08 - 00000000 ____D C:\zoek_backup
2015-06-12 21:54 - 2015-06-12 21:55 - 01308672 _____ C:\Users\Win7\Desktop\zoek.exe
2015-06-12 21:42 - 2015-06-12 21:43 - 00000000 ____D C:\AdwCleaner
2015-06-12 21:41 - 2015-06-12 21:41 - 02231296 _____ C:\Users\Win7\Desktop\adwcleaner_4.206.exe
2015-06-01 22:47 - 2015-06-12 21:26 - 00000000 ____D C:\rsit
2015-06-01 22:47 - 2015-06-12 21:26 - 00000000 ____D C:\Program Files\trend micro
2015-06-01 22:46 - 2015-06-01 22:46 - 01222144 _____ C:\Users\Win7\Downloads\RSITx64.exe

2015-05-29 00:06 - 2015-06-12 22:17 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 00:06 - 2015-06-12 22:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-28 22:37 - 2015-06-12 22:09 - 00000530 _____ C:\Windows\Tasks\cool_getweather_helper_service.job
2015-05-28 22:37 - 2015-05-28 22:37 - 00003482 _____ C:\Windows\System32\Tasks\cool_getweather_helper_service
2015-06-12 14:49 - 2015-05-10 18:05 - 00000080 _____ C:\Users\Win7\AppData\Local???????????????????

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
"HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{394543d1-0571-11e5-9e7e-00241dcdb3d5}" => key removed successfully
HKCR\CLSID\{394543d1-0571-11e5-9e7e-00241dcdb3d5} => key not found.
"HKU\S-1-5-21-2602774305-1385625029-2453676051-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8769b0-f320-11e4-9b66-00241dcdb3d5}" => key removed successfully
HKCR\CLSID\{7e8769b0-f320-11e4-9b66-00241dcdb3d5} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully.
c2cautoupdatesvc => Service removed successfully
c2cpnrsvc => Service removed successfully
TuneUp.UtilitiesSvc => Service removed successfully
TuneUpUtilitiesDrv => Service stopped successfully.
TuneUpUtilitiesDrv => Service removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully.
C:\Program Files (x86)\AVG => moved successfully.
C:\Users\Win7\Desktop\FRST.txt => moved successfully.
C:\Windows\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\Users\Win7\Desktop\zoek.exe => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Win7\Desktop\adwcleaner_4.206.exe => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\Users\Win7\Downloads\RSITx64.exe => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\cool_getweather_helper_service.job => moved successfully.
C:\Windows\System32\Tasks\cool_getweather_helper_service => moved successfully.

"C:\Users\Win7\AppData\Local???????????????????" folder move:

Could not move "C:\Users\Win7\AppData\Local???????????????????" folder => Scheduled to move on reboot.

C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 402.2 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-12 22:45:58)<=

"C:\Users\Win7\AppData\Local???????????????????" => Could not move

==== End of Fixlog 22:45:58 ====

Re: Request for a preventive check

Posted: 12 Jun 2015 21:48
by vyosek
How is the PC behaving??

Re: Request for a preventive check

Posted: 12 Jun 2015 21:52
by KebiQ
The ads no longer appear, they don't pop up automatically, and the browser has sped up dramatically; I think it's fine. Thank you very much for your help and for the time you spent!

Re: Request for a preventive check

Posted: 16 Jun 2015 13:49
by vyosek
So let's clean up as well :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|