
Google Chrome fake search engines

Posted: 03 Mar 2016 01:21
by RoboOndrash
Good day, when I want to search for something using Google Chrome, I have to go to the page www.google.sk; if I type text into the address bar, the search starts through the fake search engine coldsearch. Could anyone help me? Thank you.

LOG



Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2016-03-03 01:10:34
Microsoft Windows 10 Home
System drive C: has 245 GB (26%) free of 953 GB
Total RAM: 8175 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:10:40, on 3. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: WO Mic Client.lnk = C:\Program Files (x86)\WOMic\WOMicClient.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14208 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fe976f0a-8840-4c68-ad80-61fd08eb08bc -SystemEventPortName:HostProcess-57bd691d-01b3-4686-8dec-297c2d0ef9d1 -IoCancelEventPortName:HostProcess-137bbb02-4615-4dc9-aa56-89c97b480c67 -NonStateChangingEventPortName:HostProcess-bf00348f-8510-4cdd-a996-b92b6079874d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:060dbfe0-d3b6-4b82-8d03-9f9c10b07ebf -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-86cdba87-35af-458d-a32f-d3faa209a758 -SystemEventPortName:HostProcess-7c8d52ac-e859-454e-8f7f-604085085ad6 -IoCancelEventPortName:HostProcess-c3de6d2a-34d0-4a28-828e-9c8503964081 -NonStateChangingEventPortName:HostProcess-584e732b-061f-4040-a738-517b50cc919f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a6238349-69f4-4ded-9064-27e7cef59ff2 -DeviceGroupId:WpdFsGroup
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
dashost.exe {5a36427b-6254-4692-b95d412b92a97201}
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
atieclxx
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\Windows\System32\SystemSettingsBroker.exe -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4908.0.107845319\1987862610" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x6811 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4908.2.188383890\2094308312" --font-cache-shared-handle=2504 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4908.3.1393634942\1934088968" --font-cache-shared-handle=2764 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4908.4.1829076080\1952351985" --font-cache-shared-handle=2868 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4908.5.49746002\1055691475" --font-cache-shared-handle=2972 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4908.6.494503809\1149077140" --font-cache-shared-handle=3092 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4908.10.184619363\1271621578" --font-cache-shared-handle=6588 /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 608 612 620 8192 616
"C:\Users\Peter\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\WINDOWS\system32\mscoree.dll [2015-10-30 396288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-13 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-08 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-13 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-08 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\WINDOWS\system32\mscoree.dll [2015-10-30 396288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-21 14040792]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-18 4859592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"OneDrive"=C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-13 551112]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"uTorrent"=C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2016-01-14 1861632]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-02-08 1193352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Peek Through]
C:\Program Files (x86)\Peek Through\Peek Through.exe [2009-11-27 89088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\RAPTRS~1.EXE [2015-12-02 56080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-02-04 3014224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-10-05 112152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-06 6133520]
"Raptr"=C:\PROGRA~2\Raptr\RAPTRS~1.EXE [2015-12-02 56080]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2013-08-15 47432]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2013-08-15 31048]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-06-16 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-11-17 522784]

C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
WO Mic Client.lnk - C:\Program Files (x86)\WOMic\WOMicClient.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-03-03 01:10:34 ----D---- C:\rsit
2016-03-03 01:10:34 ----D---- C:\Program Files\trend micro
2016-03-01 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:59:42 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:59:41 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-01 19:59:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-01 19:59:38 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-01 19:59:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-01 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-01 19:59:33 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-01 19:59:32 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-01 19:59:31 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-01 19:59:31 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-01 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-01 19:59:30 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-01 19:59:30 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-01 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-01 19:59:28 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-01 19:59:28 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-01 19:59:27 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 19:59:26 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-01 19:59:26 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 19:59:25 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-01 19:59:25 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-01 19:59:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-01 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-01 19:59:23 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-01 19:59:23 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-01 19:59:22 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-01 19:59:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-01 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-01 19:59:21 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-01 19:59:21 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-01 19:59:20 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-01 19:59:14 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-01 19:59:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 19:59:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-01 19:59:12 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-01 19:59:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-01 19:59:03 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-01 19:59:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-01 19:58:57 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 19:58:56 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-01 19:58:55 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-01 19:58:55 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-01 19:58:54 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 19:58:51 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-01 19:58:51 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-01 19:58:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-02-23 20:05:33 ----D---- C:\Users\Peter\AppData\Roaming\Notepad++
2016-02-23 20:05:33 ----D---- C:\Program Files (x86)\Notepad++
2016-02-15 18:44:55 ----A---- C:\autoexec.bat
2016-02-15 18:44:37 ----D---- C:\Users\Peter\AppData\Roaming\Enigma Software Group
2016-02-15 18:43:13 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-02-10 18:54:09 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 18:54:06 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 18:54:04 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 18:54:03 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 18:53:59 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 15:40:57 ----D---- C:\ProgramData\UltraKey6
2016-02-07 15:40:57 ----A---- C:\WINDOWS\unvise32.exe
2016-02-07 15:40:13 ----D---- C:\Program Files (x86)\UKey6
2016-02-07 15:40:13 ----D---- C:\Program Files (x86)\Bytes of Learning
2016-02-07 15:14:56 ----D---- C:\Program Files (x86)\DesiatimiPrstami

======List of files/folders modified in the last 1 month======

2016-03-03 01:10:34 ----RD---- C:\Program Files
2016-03-03 01:06:55 ----D---- C:\WINDOWS\system32\sru
2016-03-03 01:05:46 ----D---- C:\WINDOWS\Prefetch
2016-03-03 00:05:50 ----D---- C:\Users\Peter\AppData\Roaming\TS3Client
2016-03-02 20:28:18 ----D---- C:\WINDOWS\Temp
2016-03-02 20:12:36 ----HD---- C:\Program Files\WindowsApps
2016-03-02 20:11:20 ----D---- C:\WINDOWS\AppReadiness
2016-03-02 20:07:29 ----D---- C:\WINDOWS\System32
2016-03-02 20:07:29 ----D---- C:\WINDOWS\INF
2016-03-02 20:07:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-02 20:05:56 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-03-02 20:01:50 ----D---- C:\WINDOWS\system32\config
2016-03-02 20:01:44 ----D---- C:\WINDOWS\WinSxS
2016-03-02 20:01:42 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-02 19:58:07 ----D---- C:\WINDOWS\system32\drivers
2016-03-02 01:08:45 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-02 01:08:45 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-02 01:08:45 ----AD---- C:\WINDOWS\SysWOW64
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\wbem
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\migration
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\Dism
2016-03-02 01:08:42 ----D---- C:\WINDOWS\system32\Boot
2016-03-02 01:08:42 ----D---- C:\WINDOWS\system32\appraiser
2016-03-02 01:08:41 ----RSD---- C:\WINDOWS\Media
2016-03-02 01:08:41 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-02 01:08:40 ----RSD---- C:\WINDOWS\Fonts
2016-03-02 01:08:40 ----D---- C:\WINDOWS\bcastdvr
2016-03-02 01:08:40 ----D---- C:\WINDOWS\AppPatch
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Portable Devices
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Media Player
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Journal
2016-03-02 01:08:40 ----D---- C:\Program Files\Internet Explorer
2016-03-02 01:08:40 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-02 01:08:40 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 01:08:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-02 01:08:34 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-02 00:33:40 ----D---- C:\Program Files (x86)\Steam
2016-03-02 00:18:03 ----AD---- C:\Program Files (x86)\Battle.net
2016-03-01 20:02:37 ----D---- C:\WINDOWS\CbsTemp
2016-03-01 19:45:33 ----D---- C:\WINDOWS\system32\catroot2
2016-03-01 18:21:24 ----D---- C:\Users\Peter\AppData\Roaming\OBS
2016-03-01 11:25:37 ----SHD---- C:\System Volume Information
2016-02-28 23:42:52 ----D---- C:\Users\Peter\AppData\Roaming\vlc
2016-02-26 22:44:14 ----D---- C:\Users\Peter\AppData\Roaming\uTorrent
2016-02-23 20:05:33 ----RD---- C:\Program Files (x86)
2016-02-21 10:00:48 ----AD---- C:\Program Files (x86)\World of Warcraft
2016-02-20 21:34:02 ----D---- C:\Program Files (x86)\Dropbox
2016-02-20 20:51:44 ----D---- C:\WINDOWS\system32\NDF
2016-02-20 11:24:59 ----D---- C:\ProgramData\Package Cache
2016-02-20 11:24:58 ----SHDC---- C:\WINDOWS\Installer
2016-02-20 11:24:57 ----SHD---- C:\Config.Msi
2016-02-19 19:55:35 ----AD---- C:\Program Files (x86)\Hearthstone
2016-02-17 21:25:13 ----D---- C:\Users\Peter\AppData\Roaming\Battle.net
2016-02-17 21:25:13 ----D---- C:\ProgramData\Battle.net
2016-02-15 19:17:42 ----D---- C:\WINDOWS\system32\Tasks
2016-02-15 18:44:47 ----D---- C:\AdwCleaner
2016-02-15 10:59:01 ----RSD---- C:\WINDOWS\assembly
2016-02-14 14:39:10 ----D---- C:\WINDOWS\rescache
2016-02-13 18:01:00 ----AD---- C:\Program Files (x86)\TeamViewer
2016-02-12 05:45:35 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-02-12 05:45:35 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-02-12 05:45:34 ----D---- C:\WINDOWS\system32\sk-SK
2016-02-12 05:45:34 ----D---- C:\WINDOWS\system32\en-US
2016-02-12 05:45:34 ----D---- C:\Windows
2016-02-11 21:59:15 ----D---- C:\ProgramData\Microsoft Help
2016-02-11 21:57:18 ----A---- C:\WINDOWS\win.ini
2016-02-11 21:55:19 ----D---- C:\WINDOWS\system32\MRT
2016-02-11 21:48:51 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-10 20:14:27 ----D---- C:\Users\Peter\AppData\Roaming\FileZilla
2016-02-09 19:58:23 ----AD---- C:\Program Files\FileZilla FTP Client
2016-02-08 16:19:15 ----D---- C:\Users\Peter\AppData\Roaming\Adobe
2016-02-07 15:40:57 ----HD---- C:\ProgramData
2016-02-06 23:17:40 ----D---- C:\Users\Peter\AppData\Roaming\Audacity
2016-02-06 22:42:07 ----D---- C:\WINDOWS\LiveKernelReports
2016-02-06 15:06:39 ----D---- C:\ProgramData\Origin
2016-02-06 15:06:31 ----AD---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-10-08 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-10-08 274808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-10-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-09-21 26528]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-10-08 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-10-08 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-10-08 153744]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2015-06-21 43168]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-11-24 23968792]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-11-24 679960]
R3 AtiHDAudioService;@oem34.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-09-18 102912]
R3 dtlitescsibus;@oem24.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-02-01 30264]
R3 dtliteusbbus;@oem25.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-02-01 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-21 4514008]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-12-13 175616]
R3 rt640x64;@oem36.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-09-21 886528]
R3 SensorsSimulatorDriver;@oem6.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-10-30 216064]
S0 amdkmafd;@oem14.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-13 117248]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-02-15 22704]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-08-09 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-09-21 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-09-04 30528]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MEIx64;@oem33.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-11-24 255000]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-08 146600]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2015-07-09 21744]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-12-13 26624]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_86e48;Sync Host_86e48; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2013-08-15 145736]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_86e48;Contact Data_86e48; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-11-17 1139744]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-16 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_15243c7d;Sync Host_15243c7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1ea64312;Sync Host_1ea64312; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_55610;Sync Host_55610; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_d14a041;Sync Host_d14a041; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-01-19 1314848]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-02-01 1357104]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-16 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_15243c7d;MessagingService_15243c7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1ea64312;MessagingService_1ea64312; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_55610;MessagingService_55610; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_86e48;MessagingService_86e48; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_d14a041;MessagingService_d14a041; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-02-06 2104840]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_15243c7d;Contact Data_15243c7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1ea64312;Contact Data_1ea64312; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_55610;Contact Data_55610; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_d14a041;Contact Data_d14a041; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-02-04 835152]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2015-07-09 134656]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 17:55
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 18:40
by RoboOndrash
Good day, I am sending my log below.

# AdwCleaner v5.037 - Logfile created 03/03/2016 at 18:34:18
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Peter - PETER-PC
# Running from : C:\Users\Peter\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3942 bytes] - [15/11/2015 12:11:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [760 bytes] - [03/03/2016 18:34:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [4802 bytes] - [15/11/2015 12:09:07]
C:\AdwCleaner\AdwCleaner[S2].txt - [741 bytes] - [15/02/2016 18:44:47]
C:\AdwCleaner\AdwCleaner[S3].txt - [966 bytes] - [03/03/2016 18:31:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1049 bytes] ##########

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 19:43
by Rudy
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off your antivirus, and restart the PC after it. Post a new RSIT log.

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 20:05
by RoboOndrash
Thank you for taking the time to help me ^^

Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2016-03-03 20:02:28
Microsoft Windows 10 Home
System drive C: has 238 GB (25%) free of 953 GB
Total RAM: 8175 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:45, on 3. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Peter.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: WO Mic Client.lnk = C:\Program Files (x86)\WOMic\WOMicClient.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14006 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0ecaf0ac-2a62-4bf7-ae0a-63c16dcaae8a -SystemEventPortName:HostProcess-eee9b510-d516-4aa0-bb5e-eebb8773d708 -IoCancelEventPortName:HostProcess-407bc4f9-f83d-4a9e-9d68-71fab55818ba -NonStateChangingEventPortName:HostProcess-dc02856d-ec85-4c23-b28e-6758a03ef614 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e1d03bcd-764d-41d6-92d7-8aaae9cd36a4 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalService
"dwm.exe"
atieclxx
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d86c26d3-3aee-4573-8448-e432938e286a -SystemEventPortName:HostProcess-cc7b0a3b-97fc-4b07-9bc3-77d066b0b666 -IoCancelEventPortName:HostProcess-8dc333cb-8a94-487a-8a6b-953004b59aa6 -NonStateChangingEventPortName:HostProcess-4ed319c9-8596-4eeb-a83b-5ddd5ccecd80 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c15a3a27-25f1-4776-82a8-b51586e02e51 -DeviceGroupId:WpdFsGroup
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork
dashost.exe {b27f3902-2690-4292-b15e2ad0ee762f99}

C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskeng.exe {5515512D-0055-41F9-A6B1-ED14B9C375EF}
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
C:\WINDOWS\system32\wermgr.exe -upload
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3220.0.1016157110\1177630661" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x6811 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.2.987611522\848916032" --font-cache-shared-handle=2344 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.3.1586299174\404155345" --font-cache-shared-handle=2316 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.4.19520194\2068782714" --font-cache-shared-handle=2344 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.5.1039349290\340184717" --font-cache-shared-handle=2128 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.6.1951695207\217234766" --font-cache-shared-handle=2984 /prefetch:673131151
"C:\Users\Peter\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.7.1395237914\206287214" --font-cache-shared-handle=5388 /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.8.606282511\1788355195" --font-cache-shared-handle=6132 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.9.1582871722\176537648" --font-cache-shared-handle=6160 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 2/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-experimental-extension-apis --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3220.10.180531549\2023812497" --font-cache-shared-handle=6736 /prefetch:673131151
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-13 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-08 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-13 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-08 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-21 14040792]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-18 4859592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"OneDrive"=C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-13 551112]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"uTorrent"=C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2016-01-14 1861632]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-02-08 1193352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Peek Through]
C:\Program Files (x86)\Peek Through\Peek Through.exe [2009-11-27 89088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\RAPTRS~1.EXE [2015-12-02 56080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-02-04 3014224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-10-05 112152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-06 6133520]
"Raptr"=C:\PROGRA~2\Raptr\RAPTRS~1.EXE [2015-12-02 56080]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2013-08-15 47432]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2013-08-15 31048]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-06-16 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-11-17 522784]

C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
WO Mic Client.lnk - C:\Program Files (x86)\WOMic\WOMicClient.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-03-03 20:02:28 ----D---- C:\rsit
2016-03-03 19:46:32 ----D---- C:\WINDOWS\Minidump
2016-03-03 01:10:34 ----D---- C:\Program Files\trend micro
2016-03-01 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:59:42 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:59:41 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-01 19:59:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-01 19:59:39 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-01 19:59:38 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-01 19:59:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-01 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-01 19:59:33 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-01 19:59:32 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-01 19:59:31 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-01 19:59:31 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-01 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-01 19:59:30 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-01 19:59:30 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-01 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-01 19:59:28 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-01 19:59:28 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-01 19:59:27 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 19:59:26 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-01 19:59:26 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 19:59:25 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-01 19:59:25 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-01 19:59:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-01 19:59:24 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-01 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-01 19:59:23 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-01 19:59:23 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-01 19:59:22 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-01 19:59:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-01 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-01 19:59:21 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-01 19:59:21 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-01 19:59:20 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 19:59:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-01 19:59:18 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-01 19:59:17 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 19:59:16 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 19:59:15 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-01 19:59:14 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-01 19:59:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 19:59:13 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 19:59:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-01 19:59:12 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-01 19:59:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 19:59:11 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-01 19:59:10 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-01 19:59:09 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 19:59:08 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 19:59:07 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-01 19:59:06 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-01 19:59:05 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-01 19:59:04 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-01 19:59:03 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-01 19:59:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-01 19:59:03 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 19:59:02 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-01 19:59:01 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 19:59:00 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-01 19:58:59 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-01 19:58:59 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-01 19:58:58 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-01 19:58:57 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 19:58:57 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 19:58:56 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 19:58:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-01 19:58:55 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-01 19:58:55 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-01 19:58:54 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 19:58:54 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-01 19:58:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-01 19:58:52 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 19:58:51 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-01 19:58:51 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-01 19:58:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-02-23 20:05:33 ----D---- C:\Users\Peter\AppData\Roaming\Notepad++
2016-02-23 20:05:33 ----D---- C:\Program Files (x86)\Notepad++
2016-02-15 18:44:55 ----A---- C:\autoexec.bat
2016-02-15 18:44:37 ----D---- C:\Users\Peter\AppData\Roaming\Enigma Software Group
2016-02-15 18:43:13 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-02-10 18:54:09 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 18:54:06 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 18:54:04 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 18:54:03 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 18:53:59 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 18:53:58 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 15:40:57 ----D---- C:\ProgramData\UltraKey6
2016-02-07 15:40:57 ----A---- C:\WINDOWS\unvise32.exe
2016-02-07 15:40:13 ----D---- C:\Program Files (x86)\UKey6
2016-02-07 15:40:13 ----D---- C:\Program Files (x86)\Bytes of Learning
2016-02-07 15:14:56 ----D---- C:\Program Files (x86)\DesiatimiPrstami

======List of files/folders modified in the last 1 month======

2016-03-03 20:02:40 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-03-03 20:01:39 ----D---- C:\WINDOWS\Temp
2016-03-03 20:01:04 ----D---- C:\Users\Peter\AppData\Roaming\TS3Client
2016-03-03 19:57:33 ----D---- C:\WINDOWS\system32\sru
2016-03-03 19:57:27 ----D---- C:\WINDOWS\Prefetch
2016-03-03 19:46:33 ----D---- C:\WINDOWS\System32
2016-03-03 19:46:32 ----D---- C:\Windows
2016-03-03 19:44:15 ----D---- C:\WINDOWS\Tasks
2016-03-03 18:46:45 ----HD---- C:\Program Files\WindowsApps
2016-03-03 18:44:02 ----D---- C:\WINDOWS\AppReadiness
2016-03-03 18:34:18 ----D---- C:\AdwCleaner
2016-03-03 10:41:14 ----D---- C:\WINDOWS\rescache
2016-03-03 10:36:21 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-03 10:31:47 ----D---- C:\Users\Peter\AppData\Roaming\vlc
2016-03-03 09:33:16 ----D---- C:\Users\Peter\AppData\Roaming\uTorrent
2016-03-03 09:02:58 ----D---- C:\WINDOWS\INF
2016-03-03 09:02:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 07:24:57 ----D---- C:\WINDOWS\system32\NDF
2016-03-03 01:10:34 ----RD---- C:\Program Files
2016-03-02 20:13:33 ----D---- C:\WINDOWS\system32\config
2016-03-02 20:01:44 ----D---- C:\WINDOWS\WinSxS
2016-03-02 19:58:07 ----D---- C:\WINDOWS\system32\drivers
2016-03-02 01:08:45 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-02 01:08:45 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-02 01:08:45 ----AD---- C:\WINDOWS\SysWOW64
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\wbem
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\migration
2016-03-02 01:08:44 ----D---- C:\WINDOWS\system32\Dism
2016-03-02 01:08:42 ----D---- C:\WINDOWS\system32\Boot
2016-03-02 01:08:42 ----D---- C:\WINDOWS\system32\appraiser
2016-03-02 01:08:41 ----RSD---- C:\WINDOWS\Media
2016-03-02 01:08:41 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-02 01:08:40 ----RSD---- C:\WINDOWS\Fonts
2016-03-02 01:08:40 ----D---- C:\WINDOWS\bcastdvr
2016-03-02 01:08:40 ----D---- C:\WINDOWS\AppPatch
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Portable Devices
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Media Player
2016-03-02 01:08:40 ----D---- C:\Program Files\Windows Journal
2016-03-02 01:08:40 ----D---- C:\Program Files\Internet Explorer
2016-03-02 01:08:40 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-02 01:08:40 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 01:08:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-02 01:08:34 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-02 00:33:40 ----D---- C:\Program Files (x86)\Steam
2016-03-02 00:18:03 ----AD---- C:\Program Files (x86)\Battle.net
2016-03-01 20:02:37 ----D---- C:\WINDOWS\CbsTemp
2016-03-01 19:45:33 ----D---- C:\WINDOWS\system32\catroot2
2016-03-01 18:21:24 ----D---- C:\Users\Peter\AppData\Roaming\OBS
2016-03-01 11:25:37 ----SHD---- C:\System Volume Information
2016-02-23 20:05:33 ----RD---- C:\Program Files (x86)
2016-02-21 10:00:48 ----AD---- C:\Program Files (x86)\World of Warcraft
2016-02-20 21:34:02 ----D---- C:\Program Files (x86)\Dropbox
2016-02-20 11:24:59 ----D---- C:\ProgramData\Package Cache
2016-02-20 11:24:58 ----SHDC---- C:\WINDOWS\Installer
2016-02-20 11:24:57 ----SHD---- C:\Config.Msi
2016-02-19 19:55:35 ----AD---- C:\Program Files (x86)\Hearthstone
2016-02-17 21:25:13 ----D---- C:\Users\Peter\AppData\Roaming\Battle.net
2016-02-17 21:25:13 ----D---- C:\ProgramData\Battle.net
2016-02-15 19:17:42 ----D---- C:\WINDOWS\system32\Tasks
2016-02-15 10:59:01 ----RSD---- C:\WINDOWS\assembly
2016-02-13 18:01:00 ----AD---- C:\Program Files (x86)\TeamViewer
2016-02-12 05:45:35 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-02-12 05:45:35 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-02-12 05:45:34 ----D---- C:\WINDOWS\system32\sk-SK
2016-02-12 05:45:34 ----D---- C:\WINDOWS\system32\en-US
2016-02-11 21:59:16 ----D---- C:\ProgramData\Microsoft Help
2016-02-11 21:57:18 ----A---- C:\WINDOWS\win.ini
2016-02-11 21:55:19 ----D---- C:\WINDOWS\system32\MRT
2016-02-11 21:48:51 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-10 20:14:27 ----D---- C:\Users\Peter\AppData\Roaming\FileZilla
2016-02-09 19:58:23 ----AD---- C:\Program Files\FileZilla FTP Client
2016-02-08 16:19:15 ----D---- C:\Users\Peter\AppData\Roaming\Adobe
2016-02-07 15:40:57 ----HD---- C:\ProgramData
2016-02-06 23:17:40 ----D---- C:\Users\Peter\AppData\Roaming\Audacity
2016-02-06 22:42:07 ----D---- C:\WINDOWS\LiveKernelReports
2016-02-06 15:10:24 ----D---- C:\ProgramData\Origin
2016-02-06 15:06:31 ----AD---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-10-08 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-10-08 274808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-10-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-09-21 26528]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-10-08 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-10-08 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-10-08 153744]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2015-06-21 43168]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-11-24 23968792]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-11-24 679960]
R3 AtiHDAudioService;@oem34.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-09-18 102912]
R3 dtlitescsibus;@oem24.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-02-01 30264]
R3 dtliteusbbus;@oem25.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-02-01 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-21 4514008]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-12-13 175616]
R3 rt640x64;@oem36.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-09-21 886528]
R3 SensorsSimulatorDriver;@oem6.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-10-30 216064]
S0 amdkmafd;@oem14.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-13 117248]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-02-15 22704]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-08-09 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-09-21 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-09-04 30528]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MEIx64;@oem33.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-11-17 1139744]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-11-24 255000]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-08 146600]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2015-07-09 21744]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-12-13 26624]
R2 OneSyncSvc_6855b;Sync Host_6855b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2013-08-15 145736]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-16 144200]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_15243c7d;Sync Host_15243c7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1ea64312;Sync Host_1ea64312; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_55610;Sync Host_55610; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_658ec;Sync Host_658ec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_d14a041;Sync Host_d14a041; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-01-19 1314848]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-02-01 1357104]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-16 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_15243c7d;MessagingService_15243c7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1ea64312;MessagingService_1ea64312; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_55610;MessagingService_55610; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_658ec;MessagingService_658ec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_6855b;MessagingService_6855b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_d14a041;MessagingService_d14a041; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-02-06 2104840]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_15243c7d;Contact Data_15243c7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1ea64312;Contact Data_1ea64312; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_55610;Contact Data_55610; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_658ec;Contact Data_658ec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_6855b;Contact Data_6855b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_d14a041;Contact Data_d14a041; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-02-04 835152]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2015-07-09 134656]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 20:51
by Rudy
You're welcome, that's what we're here for. :)

Double-click the file C:\Program Files\trend micro\Peter.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 21:20
by RoboOndrash
I still have something there :cry: some s.coldsearch.com. I tried to remove it using tutorials, but it didn't work.

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 21:45
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 22:25
by RoboOndrash
It found something :)

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum kontroly: 3. 3. 2016
Čas kontroly: 22:02
Protokol: loger.txt
Správca: Áno

Verzia: 2.2.0.1024
Dazabáza malware: v2016.03.03.06
Databáza rootkitov: v2016.02.27.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté

OS: Windows 10
CPU: x64
Súborový systém: NTFS
Používateľ: Peter

Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 458396
Uplynulý čas: 22 min, 38 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 3
PUP.Optional.InstallCore, C:\$Recycle.Bin\S-1-5-21-3337890157-10108699-4034733522-1000\$R00QNKB.2015\3gptomp4_setup.msi, , [69f9e99ad9c0d660f60ca6b9877adc24],
PUP.Optional.Somoto, C:\Users\Peter\AppData\Local\Temp\nsj6C93.tmp, , [0260ed960b8e4fe795c8ef02a160f30d],
PUP.Optional.AdOffer, C:\Users\Peter\AppData\Local\Temp\bitool.dll, , [6cf6b0d37623023465940a4534ce2dd3],

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)


(end)

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 22:32
by Rudy
Delete the items that were found.

Re: Google Chrome fake search engines

Posted: 03 Mar 2016 22:51
by RoboOndrash
Deleted, but it's still there :(

Re: Google Chrome fake search engines

Posted: 04 Mar 2016 19:03
by Rudy
Please also run these scans:

1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop.

If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce).
Paste the script below into the window:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script.
The PC will carry out the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch the license terms are displayed; press any key
•A backup is created, followed by the search
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Re: Google Chrome fake search engines

Posted: 05 Mar 2016 01:28
by RoboOndrash
zoek log:

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Peter on so 05. 03. 2016 at 0:10:19,12.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Peter\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5. 3. 2016 0:25:26 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\DesiatimiPrstami deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\AMD deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Splashtop deleted successfully
C:\Users\Peter\AppData\Local\ActiveSync deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3337890157-10108699-4034733522-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E2D911E6-4457-4733-B553-A86BCE2F7376} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\DesiatimiPrstami not found
C:\PROGRA~2\VstPlugins deleted
C:\Users\Peter\.android deleted
C:\install.exe deleted
C:\PROGRA~3\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\SET1304.tmp deleted
C:\WINDOWS\Syswow64\SET1653.tmp deleted
C:\WINDOWS\Syswow64\SET178A.tmp deleted
C:\WINDOWS\Syswow64\SET2BBD.tmp deleted
C:\WINDOWS\Syswow64\SET2FA7.tmp deleted
C:\WINDOWS\Syswow64\SET2FF8.tmp deleted
C:\WINDOWS\Syswow64\SETE400.tmp deleted
C:\WINDOWS\Syswow64\SETEA58.tmp deleted
C:\WINDOWS\Syswow64\SETEDC6.tmp deleted
C:\WINDOWS\Syswow64\SETEF8C.tmp deleted
"C:\Users\Peter\AppData\Roaming\IObit" deleted
"C:\PROGRA~3\Package Cache" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10. 12. 2015 17:53]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[16. 06. 2015 15:57]

BTTV - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
SIH - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
LoungeDestroyer - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl
AdBlock - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Edge (Ruler) - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlkegdphefeellhaongiopcfgcinikh
2.0.8 (06b59f0) - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{7D9A9182-CE8B-492d-94E6-C242D254CCCD}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
HKCU\SearchScopes\{7D9A9182-CE8B-492d-94E6-C242D254CCCD} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Peter\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Peter\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Peter\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Peter\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1108 folders=1464 3992103802 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Peter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 05. 03. 2016 at 1:14:47,28 ======================


JRT log:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 10 Home x64
Ran by Peter (Administrator) on so 05. 03. 2016 at 1:16:19,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 05. 03. 2016 at 1:21:31,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Answer: I think it's OK now, the browser is faster and it no longer searches through that cold search :)

Re: Google Chrome fake search engines

Posted: 05 Mar 2016 11:13
by Rudy
Glad to hear it! :)

Re: Google Chrome fake search engines

Posted: 05 Mar 2016 12:30
by RoboOndrash
Thanks a lot :):happy: