VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka - pro jistotu, děkuji

https://forum.viry.cz:443/viewtopic.php?t=152427

Stránka 1 z 1

Preventivka - pro jistotu, děkuji

Napsal: 30 čer 2017 10:03
od milpec
Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-06-30 10:55:23
Microsoft Windows 8.1
System drive C: has 30 GB (28%) free of 106 GB
Total RAM: 16337 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:34, on 30. 6. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Hobby-téka\Office\MSACCESS.EXE
C:\Program Files (x86)\SpeedFan\speedfan.exe
E:\Program Files (x86)\CrystalDiskInfo\DiskInfo32S.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.hola.org
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hola Better Internet Engine (hola_svc) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_svc.exe
O23 - Service: Hola Better Internet Updater (hola_updater) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_updater.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14073 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {ca4dfbcb-71a5-4ab0-9fc3ea7da63122e9}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"C:\Program Files\Hola\app\hola_svc.exe" --service
"C:\Program Files\Hola\app\hola_updater.exe" --service --run-as hola_updater
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-da8152ab-65a0-4344-afca-ba52e00244d6 -SystemEventPortName:HostProcess-15a3d58e-6d31-49d7-8af0-1c24f7366ea6 -IoCancelEventPortName:HostProcess-64feb352-6e02-4a85-9b57-4f3a58673537 -NonStateChangingEventPortName:HostProcess-0f556cb8-6c85-461f-b40a-251930c6f09a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:53d37328-ba96-428d-8e98-825272e23264 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
"C:\Program Files\Hola\app\hola.exe" --silent
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe"
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe"
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x22c,0x23c,0x240,0x234,0x1a8,0x7fff385c19d0,0x7fff385c19b8,0x7fff385c19e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6912 --on-initialized-event-handle=716 --parent-handle=720 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=EE6A6AE46353E8E202B1D113CB77F5F7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=EE6A6AE46353E8E202B1D113CB77F5F7 --renderer-client-id=3 --mojo-platform-channel-handle=2160 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=D6D54F4006A85E964C8E8707D65F86E5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=D6D54F4006A85E964C8E8707D65F86E5 --renderer-client-id=4 --mojo-platform-channel-handle=2500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=C5E77E7DCD5A97C6D6FBF98ADA14F786 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=C5E77E7DCD5A97C6D6FBF98ADA14F786 --renderer-client-id=5 --mojo-platform-channel-handle=2508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=3C95749FDC5D614417A961B4BE936E5A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3C95749FDC5D614417A961B4BE936E5A --renderer-client-id=6 --mojo-platform-channel-handle=2516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=23E8307B9E10515ECA347D410BC3104F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=23E8307B9E10515ECA347D410BC3104F --renderer-client-id=7 --mojo-platform-channel-handle=2520 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=5E4FA5B0DBB8B746AC4DB263475B2C8C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5E4FA5B0DBB8B746AC4DB263475B2C8C --renderer-client-id=8 --mojo-platform-channel-handle=2532 /prefetch:1
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.53fee655a5828208 > \\.\pipe\chrome.nativeMessaging.out.53fee655a5828208
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=7A758587F77356F6EE393B66AE8B371B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=7A758587F77356F6EE393B66AE8B371B --renderer-client-id=9 --mojo-platform-channel-handle=2156 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=8C6DD8AD6544F6B2B192E65235318972 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=8C6DD8AD6544F6B2B192E65235318972 --renderer-client-id=10 --mojo-platform-channel-handle=2544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1972 --disable-direct-composition --use-gl=swiftshader-webgl --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-webrtc-hw-encoding --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=2F21A268F048A3CB19BA435F1F22F8D9 --mojo-platform-channel-handle=3836 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Hobby-téka\Office\MSACCESS.EXE" "C:\Hobby-téka\HOBBY-téka.mde" /wrkgrp "C:\Hobby-téka\system.mdw"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"E:\Program Files (x86)\CrystalDiskInfo\DiskInfo32S.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=8F041E9B49F33502E2078255C29B1CA8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=8F041E9B49F33502E2078255C29B1CA8 --renderer-client-id=31 --mojo-platform-channel-handle=8124 /prefetch:1
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"hola"=C:\Program Files\Hola\app\hola.exe [2017-02-22 2168416]
"Malwarebytes TrayApp"=E:\MALWAREBYTES ANTI-MALWARE\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24 322312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-05-18 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-06-30 10:55:23 ----D---- C:\rsit
2017-06-30 10:55:23 ----D---- C:\Program Files\trend micro
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\centel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-15 21:11:10 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 21:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\HelpPane.exe

======List of files/folders modified in the last 1 month======

2017-06-30 10:55:34 ----D---- C:\WINDOWS\Prefetch
2017-06-30 10:55:23 ----RD---- C:\Program Files
2017-06-30 10:53:09 ----D---- C:\Program Files (x86)\SpeedFan
2017-06-30 10:50:27 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-06-30 10:49:51 ----D---- C:\Hobby-téka
2017-06-30 10:36:13 ----D---- C:\WINDOWS\system32\drivers\etc
2017-06-30 10:26:09 ----D---- C:\WINDOWS\Temp
2017-06-30 10:25:46 ----D---- C:\WINDOWS\System32
2017-06-30 10:25:46 ----D---- C:\WINDOWS\Inf
2017-06-30 10:25:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-30 10:21:25 ----D---- C:\Program Files\Bitdefender Agent
2017-06-30 10:21:20 ----D---- C:\WINDOWS\system32\drivers
2017-06-30 10:21:02 ----D---- C:\WINDOWS\system32\wbem
2017-06-30 10:21:02 ----D---- C:\Windows
2017-06-30 10:19:54 ----D---- C:\WINDOWS\registration
2017-06-30 10:19:00 ----A---- C:\bdlog.txt
2017-06-30 10:18:41 ----SHD---- C:\System Volume Information
2017-06-30 10:13:05 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-06-30 10:02:00 ----D---- C:\WINDOWS\system32\sru
2017-06-30 10:00:10 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-06-30 08:10:42 ----D---- C:\WINDOWS\Microsoft.NET
2017-06-28 21:28:47 ----AD---- C:\ProgramData\Temp
2017-06-28 21:28:37 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-06-28 21:28:08 ----D---- C:\Program Files\VDownloader
2017-06-28 21:27:14 ----RD---- C:\Program Files (x86)
2017-06-28 21:25:39 ----D---- C:\Program Files (x86)\Soft Organizer
2017-06-28 21:14:02 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-06-28 21:11:44 ----D---- C:\Program Files (x86)\Autorun Organizer
2017-06-28 21:08:48 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-06-27 20:53:28 ----D---- C:\WINDOWS\system32\config
2017-06-24 15:37:26 ----D---- C:\ProgramData\Garmin
2017-06-24 15:34:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-24 15:31:38 ----SHD---- C:\WINDOWS\Installer
2017-06-24 15:31:38 ----D---- C:\ProgramData\Package Cache
2017-06-24 15:31:32 ----D---- C:\Program Files (x86)\Garmin
2017-06-24 15:31:26 ----D---- C:\WINDOWS\system32\Tasks
2017-06-20 17:37:27 ----D---- C:\WINDOWS\WinSxS
2017-06-20 17:34:42 ----D---- C:\WINDOWS\system32\catroot2
2017-06-18 21:16:16 ----RSD---- C:\WINDOWS\assembly
2017-06-18 21:11:34 ----D---- C:\WINDOWS\rescache
2017-06-18 20:48:40 ----D---- C:\WINDOWS\system32\appraiser
2017-06-18 20:48:32 ----D---- C:\WINDOWS\CbsTemp
2017-06-18 20:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-06-18 20:44:40 ----D---- C:\WINDOWS\SysWOW64
2017-06-18 20:44:15 ----D---- C:\Program Files\Microsoft Silverlight
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-06-18 20:43:17 ----RD---- C:\WINDOWS\ToastData
2017-06-17 12:25:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-17 00:21:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-17 00:21:06 ----D---- C:\WINDOWS\system32\Macromed
2017-06-16 23:52:40 ----HD---- C:\Program Files\WindowsApps
2017-06-16 23:52:40 ----D---- C:\WINDOWS\AppReadiness
2017-06-15 21:16:21 ----D---- C:\WINDOWS\system32\MRT
2017-06-15 21:13:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-14 20:22:11 ----D---- C:\Program Files (x86)\Opera
2017-06-09 20:57:43 ----HD---- C:\ProgramData
2017-06-04 16:05:58 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-03 04:31:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-05-29 1612648]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-10-29 182944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-03-25 305120]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-22 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-24 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-05-25 77376]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-06-11 188312]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2017-05-29 879600]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem62.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2015-07-08 95024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-06-30 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-06-30 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-06-30 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-06-30 93600]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2015-07-08 68912]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-05-18 104096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-05-18 1093136]
R2 hola_svc;Hola Better Internet Engine; C:\Program Files\Hola\app\hola_svc.exe [2017-02-22 5622368]
R2 hola_updater;Hola Better Internet Updater; C:\Program Files\Hola\app\hola_updater.exe [2016-06-27 5615280]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [2017-04-24 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-17 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Re: Preventivka - pro jistotu, děkuji

Napsal: 01 črc 2017 10:08
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Preventivka - pro jistotu, děkuji

Napsal: 01 črc 2017 19:28
od milpec
Děkuji, zasílám log:
********************************************

# AdwCleaner v6.047 - Log vytvořen 01/07/2017 v 20:25:41
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-29.3 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Milan - HP
# Spuštěno z : C:\Users\Milan\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: hola_svc
[-] Služba smazána: hola_updater


***** [ Složky ] *****

[-] Složka smazána: C:\Users\Milan\AppData\Roaming\Hola
[-] Složka smazána: C:\Program Files\Hola


***** [ Soubory ] *****

[-] Soubor smazán: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Klíč smazán: HKU\.DEFAULT\Software\Hola
[-] Klíč smazán: HKU\S-1-5-21-2134351818-1356353880-2322332928-1001\Software\Hola
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Hola
[#] Klíč smazán po restartu: HKCU\Software\Hola
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Hola
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Hola
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[-] Hodnota smazána: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [hola]
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org


***** [ Prohlížeče ] *****

[-] [C:\Users\Milan\AppData\Local\Comodo\Dragon\User Data\Default\Web data] [Search Provider] Smazáno: yahoo.com


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2109 Bajty] - [01/07/2017 20:25:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1385 Bajty] - [11/09/2015 17:35:34]
C:\AdwCleaner\AdwCleaner[S2].txt - [1473 Bajty] - [18/11/2015 21:48:19]
C:\AdwCleaner\AdwCleaner[S3].txt - [1731 Bajty] - [28/11/2015 16:41:35]
C:\AdwCleaner\AdwCleaner[S4].txt - [1741 Bajty] - [31/12/2015 12:31:56]
C:\AdwCleaner\AdwCleaner[S5].txt - [2849 Bajty] - [01/07/2017 20:24:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2547 Bajty] ##########

Re: Preventivka - pro jistotu, děkuji

Napsal: 01 črc 2017 20:22
od Rudy
Dejte nový log RSIT.

Re: Preventivka - pro jistotu, děkuji

Napsal: 01 črc 2017 21:08
od milpec
Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-07-01 22:07:15
Microsoft Windows 8.1
System drive C: has 29 GB (28%) free of 106 GB
Total RAM: 16337 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:07:17, on 1. 7. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Hobby-téka\Office\MSACCESS.EXE
E:\Program Files (x86)\MP3Tag\Mp3tag.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13898 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {c864793d-886e-4cf4-8cedbe28a58ab76d}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe" -silent
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-657069a1-b0b0-4f8f-9ffa-420aa2159a05 -SystemEventPortName:HostProcess-a23668cc-f5e8-4615-9281-077331360e09 -IoCancelEventPortName:HostProcess-2c150852-9180-48b2-8344-704cabf62800 -NonStateChangingEventPortName:HostProcess-965194b1-2d7d-4152-bfa5-d6d87c1e118b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c27077c9-5337-4565-9c98-a842e4e5edd8 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe"
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x230,0x240,0x248,0x238,0x24c,0x7ffcb17d19d0,0x7ffcb17d19b8,0x7ffcb17d19e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6892 --on-initialized-event-handle=756 --parent-handle=760 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=FD16F426F4552E64E23E3A1639D8984E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=FD16F426F4552E64E23E3A1639D8984E --renderer-client-id=3 --mojo-platform-channel-handle=2556 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=66193A062C26D2912115A95EB898250C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=66193A062C26D2912115A95EB898250C --renderer-client-id=4 --mojo-platform-channel-handle=2212 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=0E8DBF5F24FAE2E65691114DC53AAF2E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0E8DBF5F24FAE2E65691114DC53AAF2E --renderer-client-id=5 --mojo-platform-channel-handle=2704 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=0A1DA627A326B29DB44B504970ECFEB5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0A1DA627A326B29DB44B504970ECFEB5 --renderer-client-id=6 --mojo-platform-channel-handle=2716 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=2021EAC47166DA420594511E9502281F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=2021EAC47166DA420594511E9502281F --renderer-client-id=7 --mojo-platform-channel-handle=2720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=3AB96CAD3C20261B96A4992E34BA64C5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3AB96CAD3C20261B96A4992E34BA64C5 --renderer-client-id=8 --mojo-platform-channel-handle=2748 /prefetch:1
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.6090a2d0320d6545 > \\.\pipe\chrome.nativeMessaging.out.6090a2d0320d6545
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=B8CD5156826AAA8567CDD974FB4835F6 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=B8CD5156826AAA8567CDD974FB4835F6 --renderer-client-id=9 --mojo-platform-channel-handle=2752 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=0609CA0FC2DA2D6C9CCBD7FE721E5E0C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0609CA0FC2DA2D6C9CCBD7FE721E5E0C --renderer-client-id=10 --mojo-platform-channel-handle=2768 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2168 --disable-direct-composition --use-gl=swiftshader-webgl --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-webrtc-hw-encoding --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=41002D94AE3328E32C2FB1A4EA393017 --mojo-platform-channel-handle=5308 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=9364EBF1DE9A2BDEFC6350A1E99DF1DB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9364EBF1DE9A2BDEFC6350A1E99DF1DB --renderer-client-id=15 --mojo-platform-channel-handle=7612 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcon.exe" --password
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Hobby-téka\Office\MSACCESS.EXE" "C:\Hobby-téka\HOBBY-téka.mde" /wrkgrp "C:\Hobby-téka\system.mdw"
"E:\Program Files (x86)\MP3Tag\Mp3tag.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=57CDB7CE59F34E9E1C337CE3871E7DFD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=57CDB7CE59F34E9E1C337CE3871E7DFD --renderer-client-id=31 --mojo-platform-channel-handle=3844 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=F55283767EA33ECB5C7331E4CEAFE754 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=F55283767EA33ECB5C7331E4CEAFE754 --renderer-client-id=35 --mojo-platform-channel-handle=8548 /prefetch:1
"C:\Users\Milan\AppData\Local\JDownloader v2.0\JDownloader2.exe" -afterupdate
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"Malwarebytes TrayApp"=E:\MALWAREBYTES ANTI-MALWARE\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24 322312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-05-18 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-06-30 12:27:46 ----D---- C:\Users\Milan\AppData\Roaming\FastStone
2017-06-30 10:55:23 ----D---- C:\rsit
2017-06-30 10:55:23 ----D---- C:\Program Files\trend micro
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\centel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-15 21:11:10 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 21:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\HelpPane.exe

======List of files/folders modified in the last 1 month======

2017-07-01 22:07:13 ----D---- C:\WINDOWS\Prefetch
2017-07-01 22:02:00 ----D---- C:\WINDOWS\system32\sru
2017-07-01 21:42:07 ----D---- C:\WINDOWS\Temp
2017-07-01 21:41:37 ----D---- C:\WINDOWS\system32\drivers\etc
2017-07-01 21:26:51 ----D---- C:\Program Files\Bitdefender Agent
2017-07-01 20:49:22 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-07-01 20:34:50 ----D---- C:\Hobby-téka
2017-07-01 20:31:02 ----D---- C:\WINDOWS\System32
2017-07-01 20:31:02 ----D---- C:\WINDOWS\Inf
2017-07-01 20:31:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-01 20:29:53 ----D---- C:\Program Files (x86)\SpeedFan
2017-07-01 20:26:45 ----D---- C:\WINDOWS\system32\drivers
2017-07-01 20:26:10 ----A---- C:\bdlog.txt
2017-07-01 20:25:41 ----D---- C:\AdwCleaner
2017-07-01 20:25:38 ----RD---- C:\Program Files
2017-07-01 20:05:29 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-07-01 19:11:35 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-07-01 11:41:23 ----D---- C:\WINDOWS\system32\FxsTmp
2017-07-01 10:24:57 ----D---- C:\WINDOWS\Microsoft.NET
2017-06-30 20:23:00 ----D---- C:\WINDOWS\system32\Tasks
2017-06-30 20:23:00 ----D---- C:\Program Files (x86)\Opera
2017-06-30 10:21:02 ----D---- C:\WINDOWS\system32\wbem
2017-06-30 10:21:02 ----D---- C:\Windows
2017-06-30 10:19:54 ----D---- C:\WINDOWS\registration
2017-06-30 10:18:41 ----SHD---- C:\System Volume Information
2017-06-28 21:28:47 ----AD---- C:\ProgramData\Temp
2017-06-28 21:28:37 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-06-28 21:28:08 ----D---- C:\Program Files\VDownloader
2017-06-28 21:27:14 ----RD---- C:\Program Files (x86)
2017-06-28 21:25:39 ----D---- C:\Program Files (x86)\Soft Organizer
2017-06-28 21:14:02 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-06-28 21:11:44 ----D---- C:\Program Files (x86)\Autorun Organizer
2017-06-28 21:08:48 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-06-27 20:53:28 ----D---- C:\WINDOWS\system32\config
2017-06-24 15:37:26 ----D---- C:\ProgramData\Garmin
2017-06-24 15:34:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-24 15:31:38 ----SHD---- C:\WINDOWS\Installer
2017-06-24 15:31:38 ----D---- C:\ProgramData\Package Cache
2017-06-24 15:31:32 ----D---- C:\Program Files (x86)\Garmin
2017-06-20 17:37:27 ----D---- C:\WINDOWS\WinSxS
2017-06-20 17:34:42 ----D---- C:\WINDOWS\system32\catroot2
2017-06-18 21:16:16 ----RSD---- C:\WINDOWS\assembly
2017-06-18 21:11:34 ----D---- C:\WINDOWS\rescache
2017-06-18 20:48:40 ----D---- C:\WINDOWS\system32\appraiser
2017-06-18 20:48:32 ----D---- C:\WINDOWS\CbsTemp
2017-06-18 20:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-06-18 20:44:40 ----D---- C:\WINDOWS\SysWOW64
2017-06-18 20:44:15 ----D---- C:\Program Files\Microsoft Silverlight
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-06-18 20:43:17 ----RD---- C:\WINDOWS\ToastData
2017-06-17 12:25:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-17 00:21:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-17 00:21:06 ----D---- C:\WINDOWS\system32\Macromed
2017-06-16 23:52:40 ----HD---- C:\Program Files\WindowsApps
2017-06-16 23:52:40 ----D---- C:\WINDOWS\AppReadiness
2017-06-15 21:16:21 ----D---- C:\WINDOWS\system32\MRT
2017-06-15 21:13:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-09 20:57:43 ----HD---- C:\ProgramData
2017-06-03 04:31:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-05-29 1612648]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-10-29 182944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-03-25 305120]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-22 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-24 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-05-25 77376]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-06-11 188312]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2017-05-29 879600]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem62.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2015-07-08 95024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-07-01 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-07-01 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-07-01 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-07-01 93600]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2015-07-08 68912]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-05-18 104096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-05-18 1093136]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [2017-04-24 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-17 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Re: Preventivka - pro jistotu, děkuji

Napsal: 02 črc 2017 10:35
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: Preventivka - pro jistotu, děkuji

Napsal: 02 črc 2017 10:55
od milpec
Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-07-02 11:54:47
Microsoft Windows 8.1
System drive C: has 31 GB (29%) free of 106 GB
Total RAM: 16337 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:49, on 2. 7. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13525 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {1a345c4f-966a-4a4f-9249137100e07211}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe" -silent
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e34fafe7-b195-4926-a736-4f4378dde0d0 -SystemEventPortName:HostProcess-874835ef-839f-4e25-b212-2ad8dcd2c778 -IoCancelEventPortName:HostProcess-7139a7cc-1165-42d5-805e-1ed7c53c6dd2 -NonStateChangingEventPortName:HostProcess-52955bc6-4600-45b7-b2dc-f80e0e3ada0e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5f711fdf-56ae-4d23-940a-f6e49f5c5226 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\07022017_114950.log
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
"C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcon.exe" --password
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x22c,0x238,0x23c,0x230,0x21c,0x7ff8207819d0,0x7ff8207819b8,0x7ff8207819e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6896 --on-initialized-event-handle=744 --parent-handle=748 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=BBA89E9CB0E97A3623C5C857A472BBD8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=BBA89E9CB0E97A3623C5C857A472BBD8 --renderer-client-id=3 --mojo-platform-channel-handle=2384 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=FFCD41948990A224E141238C96EEEFCA --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=FFCD41948990A224E141238C96EEEFCA --renderer-client-id=4 --mojo-platform-channel-handle=2408 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=5DA50FEF86F68FAF39AF260F5A11A50E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5DA50FEF86F68FAF39AF260F5A11A50E --renderer-client-id=5 --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=8F311CAD601A77B7401EF5A07C51CB0C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=8F311CAD601A77B7401EF5A07C51CB0C --renderer-client-id=6 --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=9631FA5F786254765D1CC635EEB7C9AD --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9631FA5F786254765D1CC635EEB7C9AD --renderer-client-id=7 --mojo-platform-channel-handle=2432 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=50A5681742A49798364B74E81D377FCE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=50A5681742A49798364B74E81D377FCE --renderer-client-id=8 --mojo-platform-channel-handle=2444 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=DB2A504280E22449EE522DA491642ADF --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DB2A504280E22449EE522DA491642ADF --renderer-client-id=9 --mojo-platform-channel-handle=2460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=89AB966C34456C0E85AEC8890F65D3C9 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=89AB966C34456C0E85AEC8890F65D3C9 --renderer-client-id=10 --mojo-platform-channel-handle=2468 /prefetch:1
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.456bf19b1700f3d8 > \\.\pipe\chrome.nativeMessaging.out.456bf19b1700f3d8
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2000 --disable-direct-composition --use-gl=swiftshader-webgl --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-webrtc-hw-encoding --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=6528F9A2B8F454895AE109B66D402664 --mojo-platform-channel-handle=4168 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=771262524AF78CF21D2BE400669DCAF6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=771262524AF78CF21D2BE400669DCAF6 --renderer-client-id=16 --mojo-platform-channel-handle=7324 /prefetch:1
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --service-launch

"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"Malwarebytes TrayApp"=E:\MALWAREBYTES ANTI-MALWARE\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24 322312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-05-18 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-07-02 11:49:50 ----D---- C:\_OTM
2017-06-30 12:27:46 ----D---- C:\Users\Milan\AppData\Roaming\FastStone
2017-06-30 10:55:23 ----D---- C:\rsit
2017-06-30 10:55:23 ----D---- C:\Program Files\trend micro
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\centel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-15 21:11:10 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 21:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\HelpPane.exe

======List of files/folders modified in the last 1 month======

2017-07-02 11:54:47 ----D---- C:\WINDOWS\Prefetch
2017-07-02 11:54:28 ----D---- C:\WINDOWS\Temp
2017-07-02 11:52:41 ----D---- C:\Program Files\Bitdefender Agent
2017-07-02 11:52:36 ----D---- C:\WINDOWS\system32\drivers
2017-07-02 11:52:29 ----D---- C:\WINDOWS\system32\drivers\etc
2017-07-02 11:51:52 ----A---- C:\bdlog.txt
2017-07-02 11:48:42 ----D---- C:\WINDOWS\system32\Tasks
2017-07-02 11:47:22 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-07-02 11:00:00 ----D---- C:\WINDOWS\system32\sru
2017-07-02 09:47:52 ----D---- C:\WINDOWS\Microsoft.NET
2017-07-02 00:01:59 ----D---- C:\Hobby-téka
2017-07-01 23:36:17 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-07-01 20:49:22 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-07-01 20:31:02 ----D---- C:\WINDOWS\System32
2017-07-01 20:31:02 ----D---- C:\WINDOWS\Inf
2017-07-01 20:31:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-01 20:29:53 ----D---- C:\Program Files (x86)\SpeedFan
2017-07-01 20:25:41 ----D---- C:\AdwCleaner
2017-07-01 20:25:38 ----RD---- C:\Program Files
2017-07-01 11:41:23 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-30 20:23:00 ----D---- C:\Program Files (x86)\Opera
2017-06-30 10:21:02 ----D---- C:\WINDOWS\system32\wbem
2017-06-30 10:21:02 ----D---- C:\Windows
2017-06-30 10:19:54 ----D---- C:\WINDOWS\registration
2017-06-30 10:18:41 ----SHD---- C:\System Volume Information
2017-06-28 21:28:47 ----AD---- C:\ProgramData\Temp
2017-06-28 21:28:37 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-06-28 21:28:08 ----D---- C:\Program Files\VDownloader
2017-06-28 21:27:14 ----RD---- C:\Program Files (x86)
2017-06-28 21:25:39 ----D---- C:\Program Files (x86)\Soft Organizer
2017-06-28 21:14:02 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-06-28 21:11:44 ----D---- C:\Program Files (x86)\Autorun Organizer
2017-06-28 21:08:48 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-06-27 20:53:28 ----D---- C:\WINDOWS\system32\config
2017-06-24 15:37:26 ----D---- C:\ProgramData\Garmin
2017-06-24 15:34:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-24 15:31:38 ----SHD---- C:\WINDOWS\Installer
2017-06-24 15:31:38 ----D---- C:\ProgramData\Package Cache
2017-06-24 15:31:32 ----D---- C:\Program Files (x86)\Garmin
2017-06-20 17:37:27 ----D---- C:\WINDOWS\WinSxS
2017-06-20 17:34:42 ----D---- C:\WINDOWS\system32\catroot2
2017-06-18 21:16:16 ----RSD---- C:\WINDOWS\assembly
2017-06-18 21:11:34 ----D---- C:\WINDOWS\rescache
2017-06-18 20:48:40 ----D---- C:\WINDOWS\system32\appraiser
2017-06-18 20:48:32 ----D---- C:\WINDOWS\CbsTemp
2017-06-18 20:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-06-18 20:44:40 ----D---- C:\WINDOWS\SysWOW64
2017-06-18 20:44:15 ----D---- C:\Program Files\Microsoft Silverlight
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-06-18 20:43:17 ----RD---- C:\WINDOWS\ToastData
2017-06-17 12:25:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-17 00:21:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-17 00:21:06 ----D---- C:\WINDOWS\system32\Macromed
2017-06-16 23:52:40 ----HD---- C:\Program Files\WindowsApps
2017-06-16 23:52:40 ----D---- C:\WINDOWS\AppReadiness
2017-06-15 21:16:21 ----D---- C:\WINDOWS\system32\MRT
2017-06-15 21:13:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-09 20:57:43 ----HD---- C:\ProgramData
2017-06-03 04:31:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-05-29 1612648]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-10-29 182944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-03-25 305120]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-22 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-24 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-05-25 77376]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-06-11 188312]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2017-05-29 879600]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem62.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2015-07-08 95024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-07-02 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-07-02 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-07-02 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-07-02 93600]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2015-07-08 68912]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-05-18 104096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-05-18 1093136]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [2017-04-24 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-17 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Re: Preventivka - pro jistotu, děkuji

Napsal: 02 črc 2017 12:01
od Rudy
Smazáno, log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: Preventivka - pro jistotu, děkuji

Napsal: 02 črc 2017 21:19
od milpec
Provedeno. Díky za pomoc a za věnovaný čas.

Re: Preventivka - pro jistotu, děkuji

Napsal: 03 črc 2017 16:34
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz