VIRY.CZ

Dobry den,

V prehliadaci chrome sa mi pri navstevovani webov stava, ze pri kliknuti na nejaky odkaz mi vyskoci nove okno a v nom reklama napriklad "vyhrajte ipad/iphone" alebo sa ma stranka pokusa presmerovat cez zeroredirect1.com
Stava sa mi to maximalne 2 az 3 krat za den, ze mi takato reklama vyskoci, nikdy nie viac.

Nakolko sa snazim mat system v poriadku pravidelne pouzivam nastroje ako adwcleaner, jrt, malwarebytes a ccleaner tak som vsetky uvedene nastorje pouzil avsak tieto reklamy sa obajavuju stale.
Neviem ako tuto situaciu riesit tak sa obraciam s prosbou na vas.

Prikladam log z RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by oooo at 2015-09-15 17:11:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 32 GB (16%) free of 201 GB
Total RAM: 3884 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:11:31, on 15. 9. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\oooo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9693 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\system32\imdsksvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" f5a3cd12-f16b-4bd3-af0b-f8722e8d20e8
C:\Windows\System32\svchost.exe -k secsvcs
\??\C:\Windows\system32\conhost.exe "210874103220547507631694641349-1736351168-1331430278-42649649673697015899565544
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c9a60639-26da-4daa-ad00-c135e7f5963e -SystemEventPortName:HostProcess-b9c3b175-607d-4cd9-b328-d6cb17db765b -IoCancelEventPortName:HostProcess-662d2621-79dc-45e4-b5ab-1f701acec65a -NonStateChangingEventPortName:HostProcess-26ee8f33-0172-4c0e-8a34-bc5725ac594c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c0a6c2ac-5b04-44e6-941f-5933957b7a26 -DeviceGroupId:WpdFsGroup
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "8747758241191449958-522142724139244258-1775960763175678462119277904451095363340
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {EAC0FC00-1097-48E6-8E4D-84E6375A76CC}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\oooo\Desktop\DI Premium.m3u"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4996.0.918387456\2133910893" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2993 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.1.1171757531\340177198" --font-cache-shared-handle=1772 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.2.1446694972\987706604" --font-cache-shared-handle=1880 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.3.1979005253\1834765377" --font-cache-shared-handle=2140 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.4.1823262525\112303535" --font-cache-shared-handle=2324 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.5.516859633\1168079453" --font-cache-shared-handle=2396 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.6.1961264731\1297924644" --font-cache-shared-handle=2424 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.7.1577865285\1518752115" --font-cache-shared-handle=2812 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.8.802353855\846806222" --font-cache-shared-handle=2904 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.9.1774185494\604727825" --font-cache-shared-handle=2968 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.10.1864531987\1212857359" --font-cache-shared-handle=3052 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.11.100687163\1322139729" --font-cache-shared-handle=3140 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.13.412225443\874640624" --font-cache-shared-handle=3552 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.14.1449526463\868299501" --font-cache-shared-handle=3640 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.15.1363613899\1316125356" --font-cache-shared-handle=3724 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.17.448247610\825484842" --font-cache-shared-handle=7664 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.18.1902651135\1382103908" --font-cache-shared-handle=8824 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.19.1150160195\1941556039" --font-cache-shared-handle=9656 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.21.1438096943\1281573243" --font-cache-shared-handle=10568 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.22.574736826\1328663431" --font-cache-shared-handle=9396 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.23.1146537687\1018123235" --font-cache-shared-handle=11828 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.25.1905039656\846581366" --font-cache-shared-handle=12880 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.32.1306692005\1982741329" --font-cache-shared-handle=2032 /prefetch:673131151
taskhost.exe $(Arg0)
"C:\Users\oooo\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4996.36.64413507\50253674" --font-cache-shared-handle=8492 /prefetch:673131151

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npnxgameEU.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\extensions\
sk@dictionaries.addons.mozilla.org
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\searchplugins\
btjunkie.xml
csfd.xml
dictionarycom.xml
domain-lookup.xml
google-us.xml
imdb.xml
slex.xml
titulkycom.xml
urban-dictionary.xml
wolfram-alpha.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2015-07-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A2FC513E-843E-4113-8B97-138D700C7405}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2000-01-01 168944]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2000-01-01 394224]
"Persistence"=C:\Windows\system32\igfxpers.exe [2000-01-01 418800]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\oooo\AppData\Local\Akamai\netsession_win.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2015-04-14 2089056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [2014-11-18 255072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GUDelayStartup]
C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher]
C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusAlerts]
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll, C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=177

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-15 17:11:27 ----D---- C:\rsit
2015-09-09 16:14:08 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 16:14:08 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 16:14:07 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 16:14:05 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 16:14:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:14:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 16:13:58 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 16:13:58 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:13:57 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 16:13:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 16:13:56 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 16:13:55 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 16:13:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 16:13:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 16:13:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 16:13:54 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 16:13:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 16:13:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 16:13:53 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 16:13:50 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 16:13:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:13:49 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 16:13:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 16:13:01 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 16:13:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 16:13:00 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 16:13:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:13:00 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 16:13:00 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 16:12:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 16:12:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 16:12:57 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 16:12:57 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 16:12:57 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 16:12:56 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\smss.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 16:12:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 16:12:54 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 16:12:21 ----A---- C:\Windows\system32\consent.exe
2015-09-09 16:12:21 ----A---- C:\Windows\system32\authui.dll
2015-09-09 16:12:20 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 16:12:20 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 16:12:06 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 16:12:06 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 16:12:05 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 16:11:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:11:55 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 16:11:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 16:11:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 16:11:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:11:52 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:11:52 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 16:11:23 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 16:11:22 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 16:11:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wups.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-31 11:36:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-30 18:06:50 ----D---- C:\Users\oooo\AppData\Roaming\TS3Client
2015-08-25 18:55:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-08-25 18:55:00 ----A---- C:\Windows\system32\tzres.dll
2015-08-25 18:54:28 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-08-25 18:54:28 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-08-25 18:54:28 ----A---- C:\Windows\system32\dwmcore.dll
2015-08-25 18:54:28 ----A---- C:\Windows\system32\dwmapi.dll

======List of files/folders modified in the last 1 month======

2015-09-15 17:11:29 ----D---- C:\Windows\temp
2015-09-15 17:11:29 ----D---- C:\Program Files\trend micro
2015-09-15 16:55:00 ----D---- C:\Windows\Prefetch
2015-09-15 16:54:59 ----D---- C:\Windows\System32
2015-09-15 16:54:59 ----D---- C:\Windows\inf
2015-09-15 16:54:59 ----D---- C:\Windows\debug
2015-09-15 16:54:59 ----D---- C:\Windows
2015-09-15 16:00:57 ----D---- C:\Program Files (x86)\World of Warcraft
2015-09-15 15:24:20 ----D---- C:\Program Files (x86)\Battle.net
2015-09-15 15:06:00 ----D---- C:\ProgramData\VMware
2015-09-15 15:05:36 ----D---- C:\ProgramData\NVIDIA
2015-09-15 06:33:22 ----D---- C:\Windows\system32\config
2015-09-14 20:54:21 ----D---- C:\Users\oooo\AppData\Roaming\deluge
2015-09-14 20:20:48 ----SHD---- C:\Windows\Installer
2015-09-14 20:14:49 ----RD---- C:\Program Files (x86)
2015-09-14 20:14:30 ----D---- C:\Windows\Tasks
2015-09-14 14:18:13 ----D---- C:\Users\oooo\AppData\Roaming\vlc
2015-09-14 00:15:25 ----D---- C:\Program Files (x86)\Deluge
2015-09-13 15:29:19 ----D---- C:\Windows\system32\Tasks
2015-09-13 15:28:44 ----SHD---- C:\System Volume Information
2015-09-13 15:24:58 ----D---- C:\AdwCleaner
2015-09-12 07:16:02 ----D---- C:\Windows\rescache
2015-09-11 21:04:24 ----D---- C:\Users\oooo\AppData\Roaming\Python-Eggs
2015-09-11 16:33:32 ----D---- C:\Windows\Microsoft.NET
2015-09-11 16:30:20 ----RSD---- C:\Windows\assembly
2015-09-10 15:36:52 ----D---- C:\ProgramData\Microsoft Help
2015-09-10 14:56:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-10 14:49:50 ----D---- C:\Windows\winsxs
2015-09-10 14:46:25 ----D---- C:\Windows\SysWOW64
2015-09-10 14:46:25 ----D---- C:\Program Files\Windows Journal
2015-09-10 14:46:23 ----D---- C:\Windows\ehome
2015-09-10 14:46:23 ----D---- C:\Program Files\Internet Explorer
2015-09-10 14:46:22 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-10 14:46:20 ----D---- C:\Windows\system32\en-US
2015-09-10 14:46:20 ----D---- C:\Windows\PolicyDefinitions
2015-09-10 14:46:18 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-10 14:46:11 ----D---- C:\Windows\system32\drivers
2015-09-10 14:46:11 ----D---- C:\Windows\AppPatch
2015-09-10 14:46:04 ----D---- C:\Windows\system32\Boot
2015-09-09 20:53:29 ----D---- C:\Windows\system32\MRT
2015-09-09 16:09:33 ----D---- C:\Windows\system32\catroot2
2015-09-08 15:18:53 ----D---- C:\Program Files (x86)\Opera
2015-09-07 15:41:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-07-02 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-09-09 386680]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-05-21 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2015-05-21 76480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-11-21 916024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-11-21 128080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 AWEAlloc;AWE Memory Allocation Driver; C:\Windows\system32\DRIVERS\awealloc.sys [2014-12-14 20536]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-22 55488]
R2 ImDisk;ImDisk Virtual Disk Driver; C:\Windows\system32\DRIVERS\imdisk.sys [2014-12-17 43584]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-05-31 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-05-31 26816]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2015-05-31 66752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2000-01-01 735360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 12312928]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2000-01-01 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2000-01-01 317440]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2000-01-01 173656]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 vmkbd2;VMware kbd2; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-05-31 33472]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-05-31 28864]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-02-07 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-02-07 30424]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-21 141440]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 WinUSB;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-27 34016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-02 242880]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 ImDskSvc;ImDisk Virtual Disk Driver Helper; C:\Windows\system32\imdsksvc.exe [2014-12-17 18016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-07-29 5613328]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-05-31 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2015-05-31 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-05-22 916672]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2015-05-31 438464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 149160]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-02 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Dobry den. Prikladam log.

# AdwCleaner v5.007 - Logfile created 16/09/2015 at 01:13:33
# Updated 08/09/2015 by Xplode
# Database : 2015-09-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : oooo - OOOO-PC
# Running from : C:\Users\oooo\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\StumbleUpon

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [730 bytes] ##########

Dejte nový log RSIT.

Dobry den. Dnes som si ulozil, ze kde sa ma to snazi presmerovat: http://zl1.zeroredirect1.com/zcvisitor/ ... 325349bfab

Tu je log s RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by oooo at 2015-09-16 20:25:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (17%) free of 201 GB
Total RAM: 3884 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:25:42, on 16. 9. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\trend micro\oooo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8168 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\system32\imdsksvc.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {B786DAE7-BBA9-42DD-AA6E-075479A10CDE}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" f5a3cd12-f16b-4bd3-af0b-f8722e8d20e8
\??\C:\Windows\system32\conhost.exe "5375104501735145588-616245569-623772095-1755065857632393215-1456536579845107077
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "724594289-1132456143-3711116-1395030794-19683405632111443136181441972-580659118
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
ATKOSD.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
WDC.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2d3de945-64e6-401e-a380-ef3771fb8730 -SystemEventPortName:HostProcess-d150edd4-ef1e-49a7-9613-15cf100dae0f -IoCancelEventPortName:HostProcess-d37bbed7-99fd-4ed6-a97b-ea1d41802ca9 -NonStateChangingEventPortName:HostProcess-384c4e30-285c-4060-aa50-f531a0770fb4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8d0b0787-75a0-4023-8de0-a8c9b981c9d1 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

"C:\Users\oooo\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npnxgameEU.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\extensions\
sk@dictionaries.addons.mozilla.org
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\searchplugins\
csfd.xml
dictionarycom.xml
domain-lookup.xml
google-us.xml
imdb.xml
slex.xml
titulkycom.xml
urban-dictionary.xml
wolfram-alpha.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2015-07-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A2FC513E-843E-4113-8B97-138D700C7405}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2000-01-01 168944]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2000-01-01 394224]
"Persistence"=C:\Windows\system32\igfxpers.exe [2000-01-01 418800]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\oooo\AppData\Local\Akamai\netsession_win.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2015-04-14 2089056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [2014-11-18 255072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GUDelayStartup]
C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher]
C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusAlerts]
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll, C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=177

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-16 01:15:09 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-09-15 17:11:27 ----D---- C:\rsit
2015-09-09 16:14:08 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 16:14:08 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 16:14:07 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 16:14:05 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 16:14:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:14:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 16:13:58 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 16:13:58 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:13:57 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 16:13:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 16:13:56 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 16:13:55 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 16:13:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 16:13:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 16:13:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 16:13:54 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 16:13:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 16:13:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 16:13:53 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 16:13:50 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 16:13:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:13:49 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 16:13:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 16:13:01 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 16:13:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 16:13:00 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 16:13:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:13:00 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 16:13:00 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 16:12:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 16:12:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 16:12:57 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 16:12:57 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 16:12:57 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 16:12:56 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\smss.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 16:12:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 16:12:54 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 16:12:21 ----A---- C:\Windows\system32\consent.exe
2015-09-09 16:12:21 ----A---- C:\Windows\system32\authui.dll
2015-09-09 16:12:20 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 16:12:20 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 16:12:06 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 16:12:06 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 16:12:05 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 16:11:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:11:55 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 16:11:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 16:11:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 16:11:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:11:52 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:11:52 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 16:11:23 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 16:11:22 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 16:11:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wups.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-31 11:36:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-30 18:06:50 ----D---- C:\Users\oooo\AppData\Roaming\TS3Client
2015-08-25 18:55:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-08-25 18:55:00 ----A---- C:\Windows\system32\tzres.dll
2015-08-25 18:54:28 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-08-25 18:54:28 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-08-25 18:54:28 ----A---- C:\Windows\system32\dwmcore.dll
2015-08-25 18:54:28 ----A---- C:\Windows\system32\dwmapi.dll

======List of files/folders modified in the last 1 month======

2015-09-16 20:25:42 ----D---- C:\Windows\Prefetch
2015-09-16 20:25:38 ----D---- C:\Program Files\trend micro
2015-09-16 20:25:33 ----D---- C:\Windows\temp
2015-09-16 17:12:22 ----D---- C:\Program Files (x86)\World of Warcraft
2015-09-16 15:41:33 ----D---- C:\Users\oooo\AppData\Roaming\deluge
2015-09-16 15:35:08 ----D---- C:\Windows\system32\config
2015-09-16 13:07:26 ----D---- C:\Program Files (x86)\Battle.net
2015-09-16 13:05:06 ----D---- C:\ProgramData\VMware
2015-09-16 13:04:32 ----D---- C:\ProgramData\NVIDIA
2015-09-16 09:07:21 ----SHD---- C:\System Volume Information
2015-09-16 01:15:27 ----D---- C:\Windows
2015-09-16 01:15:09 ----D---- C:\Windows\System32
2015-09-16 01:13:33 ----D---- C:\AdwCleaner
2015-09-15 20:04:35 ----D---- C:\Users\oooo\AppData\Roaming\vlc
2015-09-15 16:54:59 ----D---- C:\Windows\inf
2015-09-15 16:54:59 ----D---- C:\Windows\debug
2015-09-14 20:20:48 ----SHD---- C:\Windows\Installer
2015-09-14 20:14:49 ----RD---- C:\Program Files (x86)
2015-09-14 20:14:30 ----D---- C:\Windows\Tasks
2015-09-14 00:15:25 ----D---- C:\Program Files (x86)\Deluge
2015-09-13 15:29:19 ----D---- C:\Windows\system32\Tasks
2015-09-12 07:16:02 ----D---- C:\Windows\rescache
2015-09-11 21:04:24 ----D---- C:\Users\oooo\AppData\Roaming\Python-Eggs
2015-09-11 16:33:32 ----D---- C:\Windows\Microsoft.NET
2015-09-11 16:30:20 ----RSD---- C:\Windows\assembly
2015-09-10 15:36:52 ----D---- C:\ProgramData\Microsoft Help
2015-09-10 14:56:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-10 14:49:50 ----D---- C:\Windows\winsxs
2015-09-10 14:46:25 ----D---- C:\Windows\SysWOW64
2015-09-10 14:46:25 ----D---- C:\Program Files\Windows Journal
2015-09-10 14:46:23 ----D---- C:\Windows\ehome
2015-09-10 14:46:23 ----D---- C:\Program Files\Internet Explorer
2015-09-10 14:46:22 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-10 14:46:20 ----D---- C:\Windows\system32\en-US
2015-09-10 14:46:20 ----D---- C:\Windows\PolicyDefinitions
2015-09-10 14:46:18 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-10 14:46:11 ----D---- C:\Windows\system32\drivers
2015-09-10 14:46:11 ----D---- C:\Windows\AppPatch
2015-09-10 14:46:04 ----D---- C:\Windows\system32\Boot
2015-09-09 20:53:29 ----D---- C:\Windows\system32\MRT
2015-09-09 16:09:33 ----D---- C:\Windows\system32\catroot2
2015-09-08 15:18:53 ----D---- C:\Program Files (x86)\Opera
2015-09-07 15:41:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-07-02 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-09-09 386680]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-05-21 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2015-05-21 76480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-11-21 916024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-11-21 128080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 AWEAlloc;AWE Memory Allocation Driver; C:\Windows\system32\DRIVERS\awealloc.sys [2014-12-14 20536]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-22 55488]
R2 ImDisk;ImDisk Virtual Disk Driver; C:\Windows\system32\DRIVERS\imdisk.sys [2014-12-17 43584]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-05-31 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-05-31 26816]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2015-05-31 66752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2000-01-01 735360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 12312928]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2000-01-01 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2000-01-01 317440]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2000-01-01 173656]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 vmkbd2;VMware kbd2; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-05-31 33472]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-05-31 28864]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-02-07 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-02-07 30424]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-21 141440]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 WinUSB;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-27 34016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-02 242880]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 ImDskSvc;ImDisk Virtual Disk Driver Helper; C:\Windows\system32\imdsksvc.exe [2014-12-17 18016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-07-29 5613328]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-05-31 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2015-05-31 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-05-22 916672]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2015-05-31 438464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 149160]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-02 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\oooo\AppData\Local\Akamai

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by oooo at 2015-09-16 21:11:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (16%) free of 201 GB
Total RAM: 3884 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:12:06, on 16. 9. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\trend micro\oooo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8168 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\system32\imdsksvc.exe
"taskhost.exe"
taskeng.exe {5C25E736-6D04-4F92-B8F2-6E713B36D212}
taskeng.exe {26C9F0C1-2903-4EFB-9A2C-57E93F7D7DF3}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" f5a3cd12-f16b-4bd3-af0b-f8722e8d20e8
\??\C:\Windows\system32\conhost.exe "-806080516747934621-14109182-12198736821356291274-18603149331960064496-147620064
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1754048934304726328-14005138082730786311229660780-1105819372-89013679978616688
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
WDC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cdbcebd6-fca6-4e4b-aa76-6104f55d58a3 -SystemEventPortName:HostProcess-077cb4b3-8145-456b-b2e4-9febb77414d7 -IoCancelEventPortName:HostProcess-905b834e-b27f-4ee9-a922-613de1b5c32e -NonStateChangingEventPortName:HostProcess-a794c7f2-1385-4582-922b-e78046498a29 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:72612a4f-56d2-4204-8d3b-55bee96e53f2 -DeviceGroupId:WpdFsGroup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\oooo\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npnxgameEU.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\extensions\
sk@dictionaries.addons.mozilla.org
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\searchplugins\
csfd.xml
dictionarycom.xml
domain-lookup.xml
google-us.xml
imdb.xml
slex.xml
titulkycom.xml
urban-dictionary.xml
wolfram-alpha.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2015-07-14 1729752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2000-01-01 168944]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2000-01-01 394224]
"Persistence"=C:\Windows\system32\igfxpers.exe [2000-01-01 418800]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2015-04-14 2089056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [2014-11-18 255072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GUDelayStartup]
C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher]
C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusAlerts]
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll, C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=177

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-16 21:08:08 ----D---- C:\_OTM
2015-09-16 01:15:09 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-09-15 17:11:27 ----D---- C:\rsit
2015-09-09 16:14:08 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 16:14:08 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 16:14:07 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 16:14:05 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 16:14:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 16:14:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:14:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 16:14:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 16:14:00 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 16:13:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 16:13:58 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 16:13:58 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 16:13:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:13:57 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:13:57 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 16:13:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 16:13:56 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 16:13:55 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 16:13:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 16:13:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 16:13:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 16:13:54 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 16:13:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 16:13:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 16:13:53 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 16:13:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 16:13:52 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 16:13:51 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 16:13:50 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 16:13:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:13:49 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 16:13:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 16:13:01 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 16:13:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 16:13:00 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 16:13:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:13:00 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 16:13:00 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 16:12:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 16:12:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 16:12:58 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 16:12:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 16:12:57 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 16:12:57 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 16:12:57 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 16:12:56 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 16:12:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\smss.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 16:12:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 16:12:54 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 16:12:54 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 16:12:54 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:12:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 16:12:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 16:12:52 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:12:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 16:12:51 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 16:12:21 ----A---- C:\Windows\system32\consent.exe
2015-09-09 16:12:21 ----A---- C:\Windows\system32\authui.dll
2015-09-09 16:12:20 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 16:12:20 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 16:12:06 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 16:12:06 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 16:12:05 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 16:12:05 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 16:11:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:11:55 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 16:11:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 16:11:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 16:11:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:11:52 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:11:52 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 16:11:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 16:11:23 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 16:11:23 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 16:11:22 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 16:11:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 16:11:20 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 16:11:19 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wups.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 16:11:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:11:19 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-31 11:36:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-30 18:06:50 ----D---- C:\Users\oooo\AppData\Roaming\TS3Client
2015-08-25 18:55:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-08-25 18:55:00 ----A---- C:\Windows\system32\tzres.dll
2015-08-25 18:54:28 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-08-25 18:54:28 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-08-25 18:54:28 ----A---- C:\Windows\system32\dwmcore.dll
2015-08-25 18:54:28 ----A---- C:\Windows\system32\dwmapi.dll

======List of files/folders modified in the last 1 month======

2015-09-16 21:12:06 ----D---- C:\Windows\Prefetch
2015-09-16 21:12:05 ----D---- C:\Windows\temp
2015-09-16 21:12:05 ----D---- C:\Program Files\trend micro
2015-09-16 21:10:55 ----D---- C:\ProgramData\VMware
2015-09-16 21:10:18 ----D---- C:\ProgramData\NVIDIA
2015-09-16 21:08:10 ----D---- C:\Windows\Tasks
2015-09-16 17:12:22 ----D---- C:\Program Files (x86)\World of Warcraft
2015-09-16 15:41:33 ----D---- C:\Users\oooo\AppData\Roaming\deluge
2015-09-16 15:35:08 ----D---- C:\Windows\system32\config
2015-09-16 13:07:26 ----D---- C:\Program Files (x86)\Battle.net
2015-09-16 09:07:21 ----SHD---- C:\System Volume Information
2015-09-16 01:15:27 ----D---- C:\Windows
2015-09-16 01:15:09 ----D---- C:\Windows\System32
2015-09-16 01:13:33 ----D---- C:\AdwCleaner
2015-09-15 20:04:35 ----D---- C:\Users\oooo\AppData\Roaming\vlc
2015-09-15 16:54:59 ----D---- C:\Windows\inf
2015-09-15 16:54:59 ----D---- C:\Windows\debug
2015-09-14 20:20:48 ----SHD---- C:\Windows\Installer
2015-09-14 20:14:49 ----RD---- C:\Program Files (x86)
2015-09-14 00:15:25 ----D---- C:\Program Files (x86)\Deluge
2015-09-13 15:29:19 ----D---- C:\Windows\system32\Tasks
2015-09-12 07:16:02 ----D---- C:\Windows\rescache
2015-09-11 21:04:24 ----D---- C:\Users\oooo\AppData\Roaming\Python-Eggs
2015-09-11 16:33:32 ----D---- C:\Windows\Microsoft.NET
2015-09-11 16:30:20 ----RSD---- C:\Windows\assembly
2015-09-10 15:36:52 ----D---- C:\ProgramData\Microsoft Help
2015-09-10 14:56:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-10 14:49:50 ----D---- C:\Windows\winsxs
2015-09-10 14:46:25 ----D---- C:\Windows\SysWOW64
2015-09-10 14:46:25 ----D---- C:\Program Files\Windows Journal
2015-09-10 14:46:23 ----D---- C:\Windows\ehome
2015-09-10 14:46:23 ----D---- C:\Program Files\Internet Explorer
2015-09-10 14:46:22 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-10 14:46:20 ----D---- C:\Windows\system32\en-US
2015-09-10 14:46:20 ----D---- C:\Windows\PolicyDefinitions
2015-09-10 14:46:18 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-10 14:46:11 ----D---- C:\Windows\system32\drivers
2015-09-10 14:46:11 ----D---- C:\Windows\AppPatch
2015-09-10 14:46:04 ----D---- C:\Windows\system32\Boot
2015-09-09 20:53:29 ----D---- C:\Windows\system32\MRT
2015-09-09 16:09:33 ----D---- C:\Windows\system32\catroot2
2015-09-08 15:18:53 ----D---- C:\Program Files (x86)\Opera
2015-09-07 15:41:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-07-02 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-09-09 386680]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-05-21 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2015-05-21 76480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-11-21 916024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-11-21 128080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 AWEAlloc;AWE Memory Allocation Driver; C:\Windows\system32\DRIVERS\awealloc.sys [2014-12-14 20536]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-22 55488]
R2 ImDisk;ImDisk Virtual Disk Driver; C:\Windows\system32\DRIVERS\imdisk.sys [2014-12-17 43584]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-05-31 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-05-31 26816]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2015-05-31 66752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2000-01-01 735360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 12312928]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2000-01-01 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2000-01-01 317440]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2000-01-01 173656]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 vmkbd2;VMware kbd2; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-05-31 33472]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-05-31 28864]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-02-07 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-02-07 30424]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-21 141440]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 WinUSB;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-27 34016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-02 242880]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 ImDskSvc;ImDisk Virtual Disk Driver Helper; C:\Windows\system32\imdsksvc.exe [2014-12-17 18016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-07-29 5613328]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-05-31 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2015-05-31 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-05-22 916672]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2015-05-31 438464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 149160]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-02 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

Dobry den,

pred tym sa taketo reklamy mohli objavit na akejkolvek stranke po kliknuti.
Teraz uz len na jednej jedinej, kontaktoval som prevadzkovatela s otazkou ci ide o ich sposob predavania reklamy alebo ci mam nejaky specificky browser hijacker.

Dakujem. Dam vediet ked mi odpisu.

Zkuste spustit Zoek:

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

Zoek.exe v5.0.0.0 Updated 17-09-2015
Tool run by oooo on çt 17. 09. 2015 at 19:46:12,61.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\oooo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17. 9. 2015 19:47:24 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\SecurityXploded deleted successfully
C:\PROGRA~2\Sony Mobile deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Sony Mobile deleted successfully
C:\Users\oooo\AppData\Roaming\DiskDefrag deleted successfully
C:\Users\oooo\AppData\Roaming\GlarySoft deleted successfully
C:\Users\oooo\AppData\Roaming\HpUpdate deleted successfully
C:\Users\oooo\AppData\Roaming\QuickScan deleted successfully
C:\Users\oooo\AppData\Local\Secunia PSI deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\6ck9lklr.default\prefs.js:

Added to C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\6ck9lklr.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\R.G. Mechanics not found
C:\PROGRA~2\SecurityXploded not found
C:\PROGRA~2\Sony Mobile not found
C:\Users\oooo\.android deleted
C:\PROGRA~2\The Talos Principle deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\6ck9lklr.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default
- Slovnky slovenskho pravopisu - %ProfilePath%\extensions\sk@dictionaries.addons.mozilla.org
- Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
- Beef Taco Targeted Advertising Cookie Opt-Out - %ProfilePath%\extensions\john@velvetcache.org.xpi
- Slovak SK Language Pack - %ProfilePath%\extensions\langpack-sk@firefox.mozilla.org.xpi
- Page Hacker em:descriptionAdds a button to edit the current page em:creatornico@nc em:idpagehacker-nico@nc em:version1.2.1-signed em:homepageURLhttp:nicopensource.free.frdotclearindex.php?staticPage-Hacker em:iconURLchrome:pagehackerskinicon.png - %ProfilePath%\extensions\pagehacker-nico@nc.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- Undetermined - %ProfilePath%\extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi
- Linkification - %ProfilePath%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi
- X-notifier - %ProfilePath%\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- StumbleUpon - %ProfilePath%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default
F2CD1D7524F8E15AAC55568B9F72DE5B - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll - Nexon Game Controller


==== Chromium Look ======================

Google Chrome Version: 45.0.2454.93


YouTube Center - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajijnmbjgaeekdpmpohgppkckmnagimk
FB Emoticons - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe
Linkification - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflchafndefoljnhhholeekfpgmbphaf
CSS Reloader - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfpcpfijpdhabaoieccoclghgplmpbd
Feedly Notifier - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb
Silver Bird - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic
Remember Password - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhinpoafplfmeeefjglkakjegjcakjl
Blur - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd
Readium - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl
Print or PDF with CleanPrint - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf
AdBlock - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Downloads - Your Download Box - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe
TinEye Reverse Image Search - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl
The Old Reader - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhdpibondcndkgpoobpnndbbelpidhpk
feedly - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob
ProxMate - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki
Notifier for Twitter - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn
Spreed - speed read the web - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipikiaejjblmdopojhpejjmbedhlibno
Reddit Enhancement Suite - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb
New Tab Page - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa
Ghostery - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Priv3+ - oooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oigbhpafgooddcnlapndedpakbgpopoc

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\oooo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\oooo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\oooo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\oooo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\oooo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\oooo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2A73E96-05DB-4966-BC24-A7855011AAB0} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\69E37A2BBD506694CB427A580511AA0B deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GUDelayStartup deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\oooo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\oooo\AppData\Roaming\Mozilla\Firefox\Profiles\nfpxljpg.default\personas\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\oooo\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\oooo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=237 folders=44 6779498936 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\oooo\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\oooo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on çt 17. 09. 2015 at 20:13:58,59 ======================

Něco smazal. Nastala změna?

Dobry den.

Nezaznamenal som dnes ziadnu reklamu.
Myslim, ze je problem vyrieseny.
Dakujem za pomoc.

Rádo se stalo!