adware v prohlizeci
Napsal: 04 pro 2015 16:46
Zdravim, v posledni dobe se mi zacali v prohlizeci zobrazovat reklamy, hlavne pres klikatelne obrazky, s hlavickou Ads by DNSUnlocker. pridavam RSIT log. dekuji za pomoc.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-12-04 22:39:37
Microsoft Windows 10 Pro
System drive C: has 6 GB (3%) free of 176 GB
Total RAM: 7906 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:44, on 04.12.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
Running processes:
C:\Program Files\pia_manager\pia_manager.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Users\Tomas\AppData\Local\Temp\ocr4EFA.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Naver\LINE\LinePlayer\LinePlayer.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Tomas\AppData\Local\Temp\ocr93C4.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
C:\Program Files (x86)\Sharkystrator\sharkystrator.exe
C:\Program Files (x86)\StarsHelper\StarsHelper.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Program Files (x86)\Sharkystrator\data\server\sharkystrator_server.exe
C:\Program Files (x86)\PokerTracker 4\PokerTrackerWeb4.exe
C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CheckNDISPortF0ac94] C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CheckNDISPort_df.exe
O4 - HKLM\..\Run: [CancelAutoPlay_df] "C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CancelAutoPlay_df.exe" run
O4 - HKCU\..\Run: [f.lux] "C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [LINE] "C:\Program Files (x86)\Naver\LINE\LINE.exe" --booting
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [FreeCT] C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3271458213-3823914991-552590305-1003\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
O4 - HKUS\S-1-5-21-3271458213-3823914991-552590305-1003\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'postgres')
O4 - Startup: Coral Poker notification.lnk = C:\Users\Tomas\AppData\Local\Coral Poker notification\notification_center.exe
O4 - Startup: Dropbox.lnk = C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: miranda64.exe – zástupce.lnk = C:\Program Files (x86)\Miranda\miranda64.exe
O4 - Startup: Slack.lnk = C:\Users\Tomas\AppData\Local\slack\Update.exe
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2518A8D3-A6DB-41E1-949F-52E1440D7130}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A219DA4-BBBC-4168-8012-1326ED0257D3}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{37F9D89E-8879-4C66-8B16-9E33B4C1D46A}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{42E368B9-9A99-43BE-8D8A-D3CE935D3317}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{47BF4BD7-F220-4538-A820-A6B4C1E72F6C}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{4863FE95-669A-4B78-9ED7-30A8FC158CFB}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A8EAFEA-C32D-4DF3-BDA6-4B9AA21610FA}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D4F02B5-0693-4A34-95E9-338DC77A826C}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{622D1CC9-92E4-4EC6-BD7B-2D73DBE8C49E}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{656C4699-8864-4502-9AB0-69B922AE2811}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD72E71A-23FF-4899-BD7C-AC7A3210B414}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1F61CCB-30C6-462B-939C-769A39CB757A}: NameServer = 8.8.8.8 8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: CAM Service (CAMService) - Intel® Corporation - C:\Program Files\Intel\CAM\bin\CAMService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem116.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: postgresql-x64-9.0 - PostgreSQL Server 9.0 (postgresql-x64-9.0) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem35.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17750 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\ibmpmsvc.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b27a0726-3502-4616-89f3-4bdd08e6020f -SystemEventPortName:HostProcess-cdc845d4-2c42-4f5b-ba4e-36d16c544105 -IoCancelEventPortName:HostProcess-f7ac0ec7-ddd5-4ce6-870e-1c2e0b3bbcd0 -NonStateChangingEventPortName:HostProcess-e9d8d01c-20fb-4c9d-9319-855f890236a3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ff6ff301-b371-4744-8bf7-d80951306e30 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d438bc1b-14b5-492d-9778-3114d8a7ca44 -SystemEventPortName:HostProcess-7b6ab6df-e666-4978-aa32-4d6c19aad420 -IoCancelEventPortName:HostProcess-9865b38c-09c2-4ead-b439-3f70fbf2adef -NonStateChangingEventPortName:HostProcess-01ab2893-8d9e-4d3f-b886-cf242d5327e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:af92b1a3-0d0e-44e6-971d-9cdbc92a3ff5 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1bd84a33-261d-4ec5-a91f-d4cfdf8e185e -SystemEventPortName:HostProcess-774a9409-9e18-4f14-bea0-ff08319d63b5 -IoCancelEventPortName:HostProcess-b3520a6c-00e8-42b6-863b-2b3ca3fcd729 -NonStateChangingEventPortName:HostProcess-0434d20b-cbab-4636-a7d5-84384b35f54d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ee1361bd-6b2c-41e1-a384-dadd09f17fb3 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-65bccf80-9c7e-4c0c-af3c-fcede6e792a1 -SystemEventPortName:HostProcess-4b77c9f7-7423-41be-8703-5eedd5dca73a -IoCancelEventPortName:HostProcess-68091050-0f80-4e49-9efa-b52f1ad2fb26 -NonStateChangingEventPortName:HostProcess-82b97264-4fe6-4521-b769-4c04a58c4873 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:62a1c111-db46-4f45-a284-f123a1df9ce0 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f348fe24-ec3c-4e45-884e-774f4c2dfcb3 -SystemEventPortName:HostProcess-333a3aa9-594b-41ca-806f-d29fef3f79f4 -IoCancelEventPortName:HostProcess-62d32c53-80b0-441d-84ca-b9cdc13b83c7 -NonStateChangingEventPortName:HostProcess-b080338b-f823-4ff8-94d8-a56def9e8554 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3bfc44f6-c91b-4695-99dc-9995c3de3b25 -DeviceGroupId:
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\WINDOWS\system32\CxAudMsg64.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\CAM\bin\CAMService.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
dashost.exe {d04eff4a-ccd0-4b62-b761cabe9de10dca}
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\vmms.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe" runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" -D "C:/Program Files/PostgreSQL/9.0/data"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forklog" "4660" "4664"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkboot" "4504" "-x3"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkboot" "4520" "-x4"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkavlauncher" "4500"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkcol" "4524"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\pia_manager\pia_manager.exe" --startup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxHK.exe
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\RtsCM64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Gyazo\GyStation.exe"
rubyw.exe "C:\Users\Tomas\AppData\Local\Temp\ocr4EFA.tmp\src\pia_manager.rb" --startup
"C:\Program Files\pia_manager\pia_manager.exe" --run
"C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe" -autorun
"C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
-line
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Miranda\miranda64.exe"
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --startup"
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --type=gpu-process --channel="7352.0.1096891782\1391615276" --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 /prefetch:822062411
C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe --reporter-url=https://slack.com/apps/breakpad --application-name=Slack --v=1
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --type=renderer --no-sandbox --lang=cs --app-user-model-id=com.squirrel.slack.slack --enable-plugins --node-integration=true --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --enable-gpu-rasterization --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="7352.1.552679816\631135191" /prefetch:673131151
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --type=renderer --no-sandbox --lang=cs --app-user-model-id=com.squirrel.slack.slack --enable-plugins --node-integration=false --preload="C:\Users\Tomas\AppData\Local\slack\app-1.2.7\resources\app.asar\static\ssb-interop" --guest-instance-id=1 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --enable-gpu-rasterization --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="7352.2.58889895\1826474559" /prefetch:673131151
rubyw.exe "C:\Users\Tomas\AppData\Local\Temp\ocr93C4.tmp\src\pia_manager.rb" --run
"C:\Program Files\pia_manager\pia_tray\pia_tray.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe"
"C:\Program Files (x86)\Sharkystrator\sharkystrator.exe"
"C:\Program Files (x86)\StarsHelper\StarsHelper.exe"
"C:\Program Files\PlaceMint\PlaceMint.exe"
"C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe" "C:\ahkwindow.ahk"
"C:\Program Files (x86)\Sharkystrator\data\server\sharkystrator_server.exe" "6864" "0x0798BFB8" "0x0798C038" "0x0798C420"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4456"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4472"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4476"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4460"
"C:\Program Files (x86)\PokerTracker 4\PokerTrackerWeb4.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\PokerTracker 4\Data\Bin\chromium\locales" --log-file="C:\Users\Tomas\AppData\Local\PokerTracker 4\PokerTrackerWeb4.log" --resources-dir-path="C:\Program Files (x86)\PokerTracker 4\Data\Bin\chromium" --uncaught-exception-stack-size=10 --channel="9528.0.1822106518\797026121" /prefetch:673131151
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4428"
"C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4472"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4516"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4436"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:11812 CREDAT:140547 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
taskhostw.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="12692.0.1194967008\1717891379" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.2.295735540\1913509367" --font-cache-shared-handle=2644 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.3.1483128985\619475509" --font-cache-shared-handle=2816 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.4.783154846\266583840" --font-cache-shared-handle=2856 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.5.1164246699\1815857359" --font-cache-shared-handle=2616 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.6.859618035\1831143934" --font-cache-shared-handle=3096 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.7.1642051299\821702018" --font-cache-shared-handle=3208 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.9.20089011\1107421544" --font-cache-shared-handle=6328 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.10.400784761\1569465553" --font-cache-shared-handle=7636 /prefetch:673131151
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 612 616 624 8192 620
"C:\Users\Tomas\Downloads\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe�
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3271458213-3823914991-552590305-1001Core.job - C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe� /c�
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3271458213-3823914991-552590305-1001UA.job - C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe� /ua /installsource scheduler�
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe� /c�
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe� /ua /installsource scheduler�
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\kzmwahti.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\kzmwahti.default\extensions\
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20 219304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-02 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-10-13 2339032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A6CAA2-533D-4AED-9E05-8EB19A4021AB}]
ExplorerWatcher Class - C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23 201216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20 153768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-02 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-10-13 1731800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsCM"=C:\Windows\RTSCM64.EXE [2013-06-20 147160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-07-18 396688]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-28 558496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-03 2634872]
"SynLenovoHelper"=C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [2015-11-26 163960]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2015-08-20 3098424]
"Dropbox Update"=C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"OneDrive"=C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-10-31 548552]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
"LINE"=C:\Program Files (x86)\Naver\LINE\LINE.exe [2015-11-05 17380888]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2015-07-10 465920]
"FreeCT"=C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [2014-02-25 2432280]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-07 6133520]
"CheckNDISPortF0ac94"=C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CheckNDISPort_df.exe [2013-04-07 419072]
"CancelAutoPlay_df"=C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CancelAutoPlay_df.exe [2013-04-07 440648]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Coral Poker notification.lnk - C:\Users\Tomas\AppData\Local\Coral Poker notification\notification_center.exe
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
miranda64.exe – zástupce.lnk - C:\Program Files (x86)\Miranda\miranda64.exe
Slack.lnk - C:\Users\Tomas\AppData\Local\slack\Update.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2015-12-04 22:39:37 ----D---- C:\rsit
2015-12-04 15:33:50 ----HD---- C:\OneDriveTemp
2015-11-26 08:13:15 ----D---- C:\WINDOWS\LastGood.Tmp
2015-11-26 08:13:03 ----A---- C:\WINDOWS\SYSWOW64\SynCom.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\SynTPCo34-4.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\drivers\SynRMIHID_Aux.sys
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_Intel_Aux.sys
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_AMDASF_Aux.sys
2015-11-26 04:46:33 ----D---- C:\Program Files (x86)\FreeCountdownTimer
2015-11-26 04:16:16 ----D---- C:\WINDOWS\Panther
2015-11-26 04:16:14 ----HD---- C:\$WINDOWS.~BT
2015-11-21 21:44:52 ----D---- C:\Users\Tomas\AppData\Roaming\wameu.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2015-11-11 11:25:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-11-11 11:25:24 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-11-11 11:25:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-11-11 11:25:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-11-11 11:25:22 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-11-11 11:25:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2015-11-11 11:25:21 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 11:25:18 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 11:25:17 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2015-11-11 11:25:17 ----A---- C:\WINDOWS\system32\dlnashext.dll
2015-11-11 11:25:17 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 11:25:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-11-11 11:25:16 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 11:25:16 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 11:25:16 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-11-11 11:25:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2015-11-11 11:25:14 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-11-11 11:25:14 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\internetmail.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\dssvc.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\usermgr.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\esent.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\browserbroker.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\hvix64.exe
2015-11-11 11:25:08 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\jscript.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\hvax64.exe
2015-11-11 11:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-11-11 11:25:07 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-11-11 11:25:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 11:25:06 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-11-08 04:01:51 ----D---- C:\Users\Tomas\AppData\Roaming\Slack
2015-11-05 16:21:04 ----D---- C:\Program Files (x86)\Betfair Poker
======List of files/folders modified in the last 1 month======
2015-12-04 22:39:43 ----D---- C:\Program Files\trend micro
2015-12-04 22:39:00 ----D---- C:\WINDOWS\system32\sru
2015-12-04 22:38:58 ----D---- C:\Program Files (x86)\Full Tilt Poker.Eu
2015-12-04 22:38:57 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2015-12-04 21:54:20 ----D---- C:\WINDOWS\Temp
2015-12-04 21:54:20 ----D---- C:\WINDOWS\System32
2015-12-04 21:09:01 ----D---- C:\Program Files (x86)\PokerStars
2015-12-04 21:08:58 ----HD---- C:\ProgramData
2015-12-04 21:08:58 ----D---- C:\Program Files (x86)\PokerTracker 4
2015-12-04 20:42:47 ----D---- C:\WINDOWS\INF
2015-12-04 20:42:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-04 20:41:33 ----D---- C:\WINDOWS\Prefetch
2015-12-04 20:38:16 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2015-12-04 20:37:29 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-04 20:37:23 ----D---- C:\ProgramData\Validity
2015-12-04 20:36:37 ----SHD---- C:\System Volume Information
2015-12-04 15:31:52 ----D---- C:\WINDOWS\system32\NDF
2015-12-04 13:17:48 ----D---- C:\WINDOWS\system32\config
2015-12-04 12:45:38 ----HD---- C:\Program Files\WindowsApps
2015-12-04 12:45:38 ----D---- C:\WINDOWS\AppReadiness
2015-12-04 02:10:36 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-03 18:57:12 ----D---- C:\Users\Tomas\AppData\Roaming\vlc
2015-12-03 11:38:59 ----D---- C:\Program Files (x86)\PokerStars.FR
2015-12-03 10:55:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-12-03 10:54:24 ----D---- C:\Windows
2015-12-03 00:47:17 ----D---- C:\WINDOWS\debug
2015-12-03 00:33:11 ----D---- C:\Users\Tomas\AppData\Roaming\SimplePostflop
2015-12-03 00:31:12 ----D---- C:\Program Files (x86)\Steam
2015-12-03 00:31:04 ----D---- C:\WINDOWS\Minidump
2015-12-02 22:43:01 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-02 16:48:14 ----SHD---- C:\WINDOWS\Installer
2015-12-02 16:48:13 ----D---- C:\Program Files\pia_manager
2015-12-02 15:47:49 ----D---- C:\WINDOWS\system32\catroot2
2015-12-02 14:48:14 ----D---- C:\Program Files (x86)\888Poker
2015-12-02 14:48:07 ----D---- C:\WINDOWS\SysWOW64
2015-11-28 08:39:18 ----D---- C:\Users\Tomas\AppData\Roaming\PacificPoker
2015-11-27 16:24:46 ----D---- C:\Users\Tomas\AppData\Roaming\qBittorrent
2015-11-27 04:33:22 ----D---- C:\WINDOWS\Tasks
2015-11-27 04:33:22 ----D---- C:\WINDOWS\system32\Tasks
2015-11-27 02:25:34 ----D---- C:\WINDOWS\system32\drivers
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\SynCOM.dll
2015-11-26 04:46:33 ----RD---- C:\Program Files (x86)
2015-11-26 04:16:14 ----D---- C:\WINDOWS\Logs
2015-11-22 21:52:51 ----D---- C:\Program Files\SimplePostflop
2015-11-22 00:00:41 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-21 20:41:17 ----D---- C:\Users\Tomas\AppData\Roaming\SpinWiz
2015-11-13 15:14:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-13 15:14:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-11-13 13:31:22 ----D---- C:\WINDOWS\rescache
2015-11-13 01:23:37 ----RSD---- C:\WINDOWS\assembly
2015-11-12 14:33:26 ----D---- C:\WINDOWS\WinSxS
2015-11-11 23:58:11 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-11-11 23:58:11 ----D---- C:\WINDOWS\system32\cs-CZ
2015-11-11 23:58:11 ----D---- C:\WINDOWS\system32\appraiser
2015-11-11 23:58:11 ----D---- C:\WINDOWS\AppPatch
2015-11-11 12:14:19 ----D---- C:\ProgramData\Microsoft Help
2015-11-11 12:13:32 ----D---- C:\WINDOWS\CbsTemp
2015-11-11 12:06:05 ----A---- C:\WINDOWS\win.ini
2015-11-11 12:06:00 ----D---- C:\WINDOWS\system32\MRT
2015-11-11 11:58:06 ----A---- C:\WINDOWS\system32\MRT.exe
2015-11-10 10:07:34 ----D---- C:\found.000
2015-11-09 20:58:53 ----D---- C:\Program Files (x86)\qBittorrent
2015-11-05 16:18:12 ----D---- C:\Users\Tomas\AppData\Roaming\TeamViewer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-10-23 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-10-23 274808]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-08-18 88256]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-10-07 40080]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-10-23 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-07 1059656]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-07 449992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2015-08-18 70496]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2015-03-03 19656]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-10-23 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-10-23 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-10-23 153744]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 CnxtHdAudService;@oem125.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-09-04 1561728]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2015-06-26 72400]
R3 ibtusb;@oem110.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-03-20 253680]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-18 6389688]
R3 iwdbus;@oem96.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 MEIx64;@oem103.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NdisImPlatformMp;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-531; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [2015-07-10 129024]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-07-10 3496216]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-10-07 11210056]
R3 RTL8168;@oem127.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-06-17 873688]
R3 RTSPER;@oem111.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Integrated Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-06-20 8244312]
R3 SensorsSimulatorDriver;@oem15.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-07-10 214016]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-11-26 51320]
R3 sshid;@oem40.inf,%sshid.SvcDesc%;SteelSeries HID Service; C:\WINDOWS\System32\drivers\sshid.sys [2015-04-14 43616]
R3 Synth3dVsp;Synth3dVsp; C:\WINDOWS\System32\drivers\synth3dvsp.sys [2015-08-18 101888]
R3 SynTP;@oem128.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-11-26 636536]
R3 tap0901;@oem33.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-11-05 27136]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EvolveVirtualAdapter;@oem6.inf,%EvolveVirtualAdapter.Service.DispName%;Evolve Virtual Miniport Driver; C:\WINDOWS\System32\drivers\evolve.sys [2014-10-10 21656]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-01-20 44296]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2015-08-18 20992]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2015-08-18 22528]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2015-08-18 49152]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-08-18 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 rt640x64;@oem114.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-06-18 895256]
S3 ssdevfactory;SteelSeries Device Factory Service; C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-04-14 25088]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap-tb-0901;TunnelBear Adapter V9; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [2014-08-12 38656]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-23 146600]
R2 CAMService;CAM Service; C:\Program Files\Intel\CAM\bin\CAMService.exe [2014-09-03 1243344]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-02 242880]
R2 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 IBMPMSVC;@oem116.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2015-06-26 131312]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-18 351120]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-05 157128]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2015-06-04 111560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-10-03 938800]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w []
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2014-02-21 134336]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-11-26 255096]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-27 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-18 283024]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-13 147624]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2015-08-04 38200]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-08-18 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-09-29 21536]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-12-04 22:39:37
Microsoft Windows 10 Pro
System drive C: has 6 GB (3%) free of 176 GB
Total RAM: 7906 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:44, on 04.12.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
Running processes:
C:\Program Files\pia_manager\pia_manager.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Users\Tomas\AppData\Local\Temp\ocr4EFA.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Naver\LINE\LinePlayer\LinePlayer.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Tomas\AppData\Local\Temp\ocr93C4.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
C:\Program Files (x86)\Sharkystrator\sharkystrator.exe
C:\Program Files (x86)\StarsHelper\StarsHelper.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Program Files (x86)\Sharkystrator\data\server\sharkystrator_server.exe
C:\Program Files (x86)\PokerTracker 4\PokerTrackerWeb4.exe
C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CheckNDISPortF0ac94] C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CheckNDISPort_df.exe
O4 - HKLM\..\Run: [CancelAutoPlay_df] "C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CancelAutoPlay_df.exe" run
O4 - HKCU\..\Run: [f.lux] "C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [LINE] "C:\Program Files (x86)\Naver\LINE\LINE.exe" --booting
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [FreeCT] C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3271458213-3823914991-552590305-1003\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
O4 - HKUS\S-1-5-21-3271458213-3823914991-552590305-1003\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'postgres')
O4 - Startup: Coral Poker notification.lnk = C:\Users\Tomas\AppData\Local\Coral Poker notification\notification_center.exe
O4 - Startup: Dropbox.lnk = C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: miranda64.exe – zástupce.lnk = C:\Program Files (x86)\Miranda\miranda64.exe
O4 - Startup: Slack.lnk = C:\Users\Tomas\AppData\Local\slack\Update.exe
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2518A8D3-A6DB-41E1-949F-52E1440D7130}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A219DA4-BBBC-4168-8012-1326ED0257D3}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{37F9D89E-8879-4C66-8B16-9E33B4C1D46A}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{42E368B9-9A99-43BE-8D8A-D3CE935D3317}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{47BF4BD7-F220-4538-A820-A6B4C1E72F6C}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{4863FE95-669A-4B78-9ED7-30A8FC158CFB}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A8EAFEA-C32D-4DF3-BDA6-4B9AA21610FA}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D4F02B5-0693-4A34-95E9-338DC77A826C}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{622D1CC9-92E4-4EC6-BD7B-2D73DBE8C49E}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{656C4699-8864-4502-9AB0-69B922AE2811}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD72E71A-23FF-4899-BD7C-AC7A3210B414}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1F61CCB-30C6-462B-939C-769A39CB757A}: NameServer = 8.8.8.8 8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: CAM Service (CAMService) - Intel® Corporation - C:\Program Files\Intel\CAM\bin\CAMService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem116.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: postgresql-x64-9.0 - PostgreSQL Server 9.0 (postgresql-x64-9.0) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem35.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17750 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\ibmpmsvc.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b27a0726-3502-4616-89f3-4bdd08e6020f -SystemEventPortName:HostProcess-cdc845d4-2c42-4f5b-ba4e-36d16c544105 -IoCancelEventPortName:HostProcess-f7ac0ec7-ddd5-4ce6-870e-1c2e0b3bbcd0 -NonStateChangingEventPortName:HostProcess-e9d8d01c-20fb-4c9d-9319-855f890236a3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ff6ff301-b371-4744-8bf7-d80951306e30 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d438bc1b-14b5-492d-9778-3114d8a7ca44 -SystemEventPortName:HostProcess-7b6ab6df-e666-4978-aa32-4d6c19aad420 -IoCancelEventPortName:HostProcess-9865b38c-09c2-4ead-b439-3f70fbf2adef -NonStateChangingEventPortName:HostProcess-01ab2893-8d9e-4d3f-b886-cf242d5327e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:af92b1a3-0d0e-44e6-971d-9cdbc92a3ff5 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1bd84a33-261d-4ec5-a91f-d4cfdf8e185e -SystemEventPortName:HostProcess-774a9409-9e18-4f14-bea0-ff08319d63b5 -IoCancelEventPortName:HostProcess-b3520a6c-00e8-42b6-863b-2b3ca3fcd729 -NonStateChangingEventPortName:HostProcess-0434d20b-cbab-4636-a7d5-84384b35f54d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ee1361bd-6b2c-41e1-a384-dadd09f17fb3 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-65bccf80-9c7e-4c0c-af3c-fcede6e792a1 -SystemEventPortName:HostProcess-4b77c9f7-7423-41be-8703-5eedd5dca73a -IoCancelEventPortName:HostProcess-68091050-0f80-4e49-9efa-b52f1ad2fb26 -NonStateChangingEventPortName:HostProcess-82b97264-4fe6-4521-b769-4c04a58c4873 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:62a1c111-db46-4f45-a284-f123a1df9ce0 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f348fe24-ec3c-4e45-884e-774f4c2dfcb3 -SystemEventPortName:HostProcess-333a3aa9-594b-41ca-806f-d29fef3f79f4 -IoCancelEventPortName:HostProcess-62d32c53-80b0-441d-84ca-b9cdc13b83c7 -NonStateChangingEventPortName:HostProcess-b080338b-f823-4ff8-94d8-a56def9e8554 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3bfc44f6-c91b-4695-99dc-9995c3de3b25 -DeviceGroupId:
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\WINDOWS\system32\CxAudMsg64.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\CAM\bin\CAMService.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
dashost.exe {d04eff4a-ccd0-4b62-b761cabe9de10dca}
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\vmms.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe" runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" -D "C:/Program Files/PostgreSQL/9.0/data"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forklog" "4660" "4664"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkboot" "4504" "-x3"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkboot" "4520" "-x4"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkavlauncher" "4500"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkcol" "4524"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\pia_manager\pia_manager.exe" --startup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxHK.exe
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\RtsCM64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Gyazo\GyStation.exe"
rubyw.exe "C:\Users\Tomas\AppData\Local\Temp\ocr4EFA.tmp\src\pia_manager.rb" --startup
"C:\Program Files\pia_manager\pia_manager.exe" --run
"C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe" -autorun
"C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
-line
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Miranda\miranda64.exe"
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --startup"
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --type=gpu-process --channel="7352.0.1096891782\1391615276" --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 /prefetch:822062411
C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe --reporter-url=https://slack.com/apps/breakpad --application-name=Slack --v=1
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --type=renderer --no-sandbox --lang=cs --app-user-model-id=com.squirrel.slack.slack --enable-plugins --node-integration=true --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --enable-gpu-rasterization --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="7352.1.552679816\631135191" /prefetch:673131151
"C:\Users\Tomas\AppData\Local\slack\app-1.2.7\slack.exe" --type=renderer --no-sandbox --lang=cs --app-user-model-id=com.squirrel.slack.slack --enable-plugins --node-integration=false --preload="C:\Users\Tomas\AppData\Local\slack\app-1.2.7\resources\app.asar\static\ssb-interop" --guest-instance-id=1 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --enable-gpu-rasterization --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="7352.2.58889895\1826474559" /prefetch:673131151
rubyw.exe "C:\Users\Tomas\AppData\Local\Temp\ocr93C4.tmp\src\pia_manager.rb" --run
"C:\Program Files\pia_manager\pia_tray\pia_tray.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe"
"C:\Program Files (x86)\Sharkystrator\sharkystrator.exe"
"C:\Program Files (x86)\StarsHelper\StarsHelper.exe"
"C:\Program Files\PlaceMint\PlaceMint.exe"
"C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe" "C:\ahkwindow.ahk"
"C:\Program Files (x86)\Sharkystrator\data\server\sharkystrator_server.exe" "6864" "0x0798BFB8" "0x0798C038" "0x0798C420"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4456"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4472"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4476"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4460"
"C:\Program Files (x86)\PokerTracker 4\PokerTrackerWeb4.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\PokerTracker 4\Data\Bin\chromium\locales" --log-file="C:\Users\Tomas\AppData\Local\PokerTracker 4\PokerTrackerWeb4.log" --resources-dir-path="C:\Program Files (x86)\PokerTracker 4\Data\Bin\chromium" --uncaught-exception-stack-size=10 --channel="9528.0.1822106518\797026121" /prefetch:673131151
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4428"
"C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4472"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4516"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkbackend" "4436"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:11812 CREDAT:140547 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
taskhostw.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="12692.0.1194967008\1717891379" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.2.295735540\1913509367" --font-cache-shared-handle=2644 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.3.1483128985\619475509" --font-cache-shared-handle=2816 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.4.783154846\266583840" --font-cache-shared-handle=2856 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.5.1164246699\1815857359" --font-cache-shared-handle=2616 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.6.859618035\1831143934" --font-cache-shared-handle=3096 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.7.1642051299\821702018" --font-cache-shared-handle=3208 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.9.20089011\1107421544" --font-cache-shared-handle=6328 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="12692.10.400784761\1569465553" --font-cache-shared-handle=7636 /prefetch:673131151
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 612 616 624 8192 620
"C:\Users\Tomas\Downloads\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe�
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3271458213-3823914991-552590305-1001Core.job - C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe� /c�
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3271458213-3823914991-552590305-1001UA.job - C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe� /ua /installsource scheduler�
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe� /c�
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe� /ua /installsource scheduler�
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\kzmwahti.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\kzmwahti.default\extensions\
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20 219304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-02 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-10-13 2339032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A6CAA2-533D-4AED-9E05-8EB19A4021AB}]
ExplorerWatcher Class - C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23 201216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20 153768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-02 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-10-13 1731800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsCM"=C:\Windows\RTSCM64.EXE [2013-06-20 147160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-07-18 396688]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-28 558496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-03 2634872]
"SynLenovoHelper"=C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [2015-11-26 163960]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Tomas\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2015-08-20 3098424]
"Dropbox Update"=C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"OneDrive"=C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-10-31 548552]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
"LINE"=C:\Program Files (x86)\Naver\LINE\LINE.exe [2015-11-05 17380888]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2015-07-10 465920]
"FreeCT"=C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [2014-02-25 2432280]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-07 6133520]
"CheckNDISPortF0ac94"=C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CheckNDISPort_df.exe [2013-04-07 419072]
"CancelAutoPlay_df"=C:\Program Files (x86)\Max Surf 100Mbps\Max Surf 100Mbps\CancelAutoPlay_df.exe [2013-04-07 440648]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Coral Poker notification.lnk - C:\Users\Tomas\AppData\Local\Coral Poker notification\notification_center.exe
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
miranda64.exe – zástupce.lnk - C:\Program Files (x86)\Miranda\miranda64.exe
Slack.lnk - C:\Users\Tomas\AppData\Local\slack\Update.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2015-12-04 22:39:37 ----D---- C:\rsit
2015-12-04 15:33:50 ----HD---- C:\OneDriveTemp
2015-11-26 08:13:15 ----D---- C:\WINDOWS\LastGood.Tmp
2015-11-26 08:13:03 ----A---- C:\WINDOWS\SYSWOW64\SynCom.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\SynTPCo34-4.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\drivers\SynRMIHID_Aux.sys
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_Intel_Aux.sys
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_AMDASF_Aux.sys
2015-11-26 04:46:33 ----D---- C:\Program Files (x86)\FreeCountdownTimer
2015-11-26 04:16:16 ----D---- C:\WINDOWS\Panther
2015-11-26 04:16:14 ----HD---- C:\$WINDOWS.~BT
2015-11-21 21:44:52 ----D---- C:\Users\Tomas\AppData\Roaming\wameu.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2015-11-11 11:25:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-11-11 11:25:24 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-11-11 11:25:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-11-11 11:25:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-11-11 11:25:22 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-11-11 11:25:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2015-11-11 11:25:21 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 11:25:18 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 11:25:17 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2015-11-11 11:25:17 ----A---- C:\WINDOWS\system32\dlnashext.dll
2015-11-11 11:25:17 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 11:25:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-11-11 11:25:16 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 11:25:16 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 11:25:16 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-11-11 11:25:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-11-11 11:25:15 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2015-11-11 11:25:14 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-11-11 11:25:14 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\internetmail.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\dssvc.dll
2015-11-11 11:25:13 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\usermgr.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\esent.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\browserbroker.dll
2015-11-11 11:25:12 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-11-11 11:25:10 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-11-11 11:25:09 ----A---- C:\WINDOWS\system32\hvix64.exe
2015-11-11 11:25:08 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\jscript.dll
2015-11-11 11:25:08 ----A---- C:\WINDOWS\system32\hvax64.exe
2015-11-11 11:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-11-11 11:25:07 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-11-11 11:25:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 11:25:06 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-11-08 04:01:51 ----D---- C:\Users\Tomas\AppData\Roaming\Slack
2015-11-05 16:21:04 ----D---- C:\Program Files (x86)\Betfair Poker
======List of files/folders modified in the last 1 month======
2015-12-04 22:39:43 ----D---- C:\Program Files\trend micro
2015-12-04 22:39:00 ----D---- C:\WINDOWS\system32\sru
2015-12-04 22:38:58 ----D---- C:\Program Files (x86)\Full Tilt Poker.Eu
2015-12-04 22:38:57 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2015-12-04 21:54:20 ----D---- C:\WINDOWS\Temp
2015-12-04 21:54:20 ----D---- C:\WINDOWS\System32
2015-12-04 21:09:01 ----D---- C:\Program Files (x86)\PokerStars
2015-12-04 21:08:58 ----HD---- C:\ProgramData
2015-12-04 21:08:58 ----D---- C:\Program Files (x86)\PokerTracker 4
2015-12-04 20:42:47 ----D---- C:\WINDOWS\INF
2015-12-04 20:42:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-04 20:41:33 ----D---- C:\WINDOWS\Prefetch
2015-12-04 20:38:16 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2015-12-04 20:37:29 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-04 20:37:23 ----D---- C:\ProgramData\Validity
2015-12-04 20:36:37 ----SHD---- C:\System Volume Information
2015-12-04 15:31:52 ----D---- C:\WINDOWS\system32\NDF
2015-12-04 13:17:48 ----D---- C:\WINDOWS\system32\config
2015-12-04 12:45:38 ----HD---- C:\Program Files\WindowsApps
2015-12-04 12:45:38 ----D---- C:\WINDOWS\AppReadiness
2015-12-04 02:10:36 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-03 18:57:12 ----D---- C:\Users\Tomas\AppData\Roaming\vlc
2015-12-03 11:38:59 ----D---- C:\Program Files (x86)\PokerStars.FR
2015-12-03 10:55:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-12-03 10:54:24 ----D---- C:\Windows
2015-12-03 00:47:17 ----D---- C:\WINDOWS\debug
2015-12-03 00:33:11 ----D---- C:\Users\Tomas\AppData\Roaming\SimplePostflop
2015-12-03 00:31:12 ----D---- C:\Program Files (x86)\Steam
2015-12-03 00:31:04 ----D---- C:\WINDOWS\Minidump
2015-12-02 22:43:01 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-02 16:48:14 ----SHD---- C:\WINDOWS\Installer
2015-12-02 16:48:13 ----D---- C:\Program Files\pia_manager
2015-12-02 15:47:49 ----D---- C:\WINDOWS\system32\catroot2
2015-12-02 14:48:14 ----D---- C:\Program Files (x86)\888Poker
2015-12-02 14:48:07 ----D---- C:\WINDOWS\SysWOW64
2015-11-28 08:39:18 ----D---- C:\Users\Tomas\AppData\Roaming\PacificPoker
2015-11-27 16:24:46 ----D---- C:\Users\Tomas\AppData\Roaming\qBittorrent
2015-11-27 04:33:22 ----D---- C:\WINDOWS\Tasks
2015-11-27 04:33:22 ----D---- C:\WINDOWS\system32\Tasks
2015-11-27 02:25:34 ----D---- C:\WINDOWS\system32\drivers
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2015-11-26 08:13:03 ----A---- C:\WINDOWS\system32\SynCOM.dll
2015-11-26 04:46:33 ----RD---- C:\Program Files (x86)
2015-11-26 04:16:14 ----D---- C:\WINDOWS\Logs
2015-11-22 21:52:51 ----D---- C:\Program Files\SimplePostflop
2015-11-22 00:00:41 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-21 20:41:17 ----D---- C:\Users\Tomas\AppData\Roaming\SpinWiz
2015-11-13 15:14:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-13 15:14:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-11-13 13:31:22 ----D---- C:\WINDOWS\rescache
2015-11-13 01:23:37 ----RSD---- C:\WINDOWS\assembly
2015-11-12 14:33:26 ----D---- C:\WINDOWS\WinSxS
2015-11-11 23:58:11 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-11-11 23:58:11 ----D---- C:\WINDOWS\system32\cs-CZ
2015-11-11 23:58:11 ----D---- C:\WINDOWS\system32\appraiser
2015-11-11 23:58:11 ----D---- C:\WINDOWS\AppPatch
2015-11-11 12:14:19 ----D---- C:\ProgramData\Microsoft Help
2015-11-11 12:13:32 ----D---- C:\WINDOWS\CbsTemp
2015-11-11 12:06:05 ----A---- C:\WINDOWS\win.ini
2015-11-11 12:06:00 ----D---- C:\WINDOWS\system32\MRT
2015-11-11 11:58:06 ----A---- C:\WINDOWS\system32\MRT.exe
2015-11-10 10:07:34 ----D---- C:\found.000
2015-11-09 20:58:53 ----D---- C:\Program Files (x86)\qBittorrent
2015-11-05 16:18:12 ----D---- C:\Users\Tomas\AppData\Roaming\TeamViewer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-10-23 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-10-23 274808]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-08-18 88256]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-10-07 40080]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-10-23 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-07 1059656]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-07 449992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2015-08-18 70496]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2015-03-03 19656]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-10-23 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-10-23 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-10-23 153744]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 CnxtHdAudService;@oem125.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-09-04 1561728]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2015-06-26 72400]
R3 ibtusb;@oem110.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-03-20 253680]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-18 6389688]
R3 iwdbus;@oem96.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 MEIx64;@oem103.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NdisImPlatformMp;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-531; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [2015-07-10 129024]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-07-10 3496216]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-10-07 11210056]
R3 RTL8168;@oem127.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-06-17 873688]
R3 RTSPER;@oem111.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Integrated Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-06-20 8244312]
R3 SensorsSimulatorDriver;@oem15.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-07-10 214016]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-11-26 51320]
R3 sshid;@oem40.inf,%sshid.SvcDesc%;SteelSeries HID Service; C:\WINDOWS\System32\drivers\sshid.sys [2015-04-14 43616]
R3 Synth3dVsp;Synth3dVsp; C:\WINDOWS\System32\drivers\synth3dvsp.sys [2015-08-18 101888]
R3 SynTP;@oem128.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-11-26 636536]
R3 tap0901;@oem33.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-11-05 27136]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EvolveVirtualAdapter;@oem6.inf,%EvolveVirtualAdapter.Service.DispName%;Evolve Virtual Miniport Driver; C:\WINDOWS\System32\drivers\evolve.sys [2014-10-10 21656]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-01-20 44296]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2015-08-18 20992]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2015-08-18 22528]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2015-08-18 49152]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-08-18 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 rt640x64;@oem114.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-06-18 895256]
S3 ssdevfactory;SteelSeries Device Factory Service; C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-04-14 25088]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap-tb-0901;TunnelBear Adapter V9; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [2014-08-12 38656]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-23 146600]
R2 CAMService;CAM Service; C:\Program Files\Intel\CAM\bin\CAMService.exe [2014-09-03 1243344]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-02 242880]
R2 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 IBMPMSVC;@oem116.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2015-06-26 131312]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-18 351120]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-05 157128]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2015-06-04 111560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-10-03 938800]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w []
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2014-02-21 134336]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-11-26 255096]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-27 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-18 283024]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-13 147624]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2015-08-04 38200]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-08-18 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-09-29 21536]
-----------------EOF-----------------
