Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosba o pomoc - zvláštní chování PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
milpec
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 14 pro 2008 01:57

Prosba o pomoc - zvláštní chování PC

#1 Příspěvek od milpec »

Dobrý den, prosím o pomoc. Nelze spustit žádný jiný internetový prohlížeč než Chrome. IE, Firefox a Opera se vůbec nespustí :-(
*******************************************

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-10-25 23:25:39
Microsoft Windows 8.1
System drive C: has 8 GB (7%) free of 106 GB
Total RAM: 16337 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:25:40, on 25. 10. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
E:\Program Files (x86)\CrystalDiskInfo\DiskInfo32S.exe
C:\Users\Milan\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem99.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14213 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-10-02 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-25 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-25 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-10-02 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-10-09 1421224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\ASUS\Bluetooth Software\BTTray.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.VP80"=vp8vfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-10-25 23:25:39 ----D---- C:\Program Files (x86)\trend micro
2017-10-25 23:20:10 ----D---- C:\rsit
2017-10-25 22:01:37 ----A---- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-10-25 21:36:09 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SysWOW64\twinui.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\Wldap32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\wlansec.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\tquery.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\scksp.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\msctf.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SysWOW64\gdi32.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\webcheck.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\ntdll.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\nshwfp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\mshtmled.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\inetcomm.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\iepeers.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\dxtrans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\certcli.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SysWOW64\authz.dll
2017-10-07 17:29:51 ----D---- C:\UsbFix

======List of files/folders modified in the last 1 month======

2017-10-25 23:25:40 ----D---- C:\WINDOWS\Prefetch
2017-10-25 23:25:39 ----RD---- C:\Program Files (x86)
2017-10-25 23:17:23 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-10-25 23:11:04 ----D---- C:\WINDOWS\CbsTemp
2017-10-25 23:03:53 ----D---- C:\WINDOWS\Temp
2017-10-25 23:00:57 ----D---- C:\WINDOWS\WinSxS
2017-10-25 23:00:51 ----SHD---- C:\System Volume Information
2017-10-25 22:48:45 ----D---- C:\Program Files (x86)\SpeedFan
2017-10-25 22:36:50 ----D---- C:\Hobby-téka
2017-10-25 22:34:15 ----D---- C:\WINDOWS\System32
2017-10-25 22:28:54 ----A---- C:\bdlog.txt
2017-10-25 22:28:47 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-25 22:27:40 ----D---- C:\Windows
2017-10-25 22:27:34 ----D---- C:\WINDOWS\SoftwareDistribution
2017-10-25 22:01:45 ----SHD---- C:\WINDOWS\Installer
2017-10-25 22:01:37 ----D---- C:\WINDOWS\SysWOW64
2017-10-25 22:01:25 ----D---- C:\Program Files (x86)\Java
2017-10-25 21:53:28 ----D---- C:\WINDOWS\Microsoft.NET
2017-10-25 21:52:23 ----RD---- C:\WINDOWS\ToastData
2017-10-25 21:52:22 ----D---- C:\WINDOWS\SysWOW64\wbem
2017-10-25 21:52:22 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2017-10-25 21:52:22 ----D---- C:\WINDOWS\Inf
2017-10-25 21:39:57 ----D---- C:\ProgramData\Microsoft Help
2017-10-25 21:37:39 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2017-10-25 21:24:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-25 21:23:14 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-10-25 20:27:15 ----D---- C:\WINDOWS\SysWOW64\Macromed
2017-10-23 21:29:42 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-10-23 21:16:48 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-10-23 20:45:22 ----D---- C:\Program Files (x86)\Opera
2017-10-23 19:34:14 ----D---- C:\WINDOWS\AppReadiness
2017-10-15 21:26:22 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-10-15 21:26:22 ----AD---- C:\ProgramData\Temp
2017-10-13 00:25:16 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-11 19:24:32 ----D---- C:\ProgramData\Package Cache
2017-10-11 19:24:22 ----D---- C:\Program Files (x86)\Garmin
2017-10-10 20:56:33 ----D---- C:\Users\Milan\AppData\Roaming\MusicBee
2017-10-10 20:40:24 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-10-10 20:26:04 ----HD---- C:\ProgramData
2017-10-05 21:08:50 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys []
R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys []
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys []
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys []
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys []
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys []
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2017-06-06 133088]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys []
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys []
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys []
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys []
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys []
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys []
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys []
R3 bcbtums;@oem99.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys []
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\WINDOWS\system32\drivers\btwampfl.sys []
R3 btwaudio;@oem94.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys []
R3 btwavdt;@oem96.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\WINDOWS\system32\drivers\btwavdt.sys []
R3 btwl2cap;@oem97.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys []
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys []
R3 dc3d;@oem61.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys []
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys []
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys []
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys []
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys []
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys []
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys []
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys []
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys []
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys []
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys []
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys []
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2002-11-29 16320]
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys []
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys []
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys []
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\system32\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys []
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 33088]
R2 BcmBtRSupport;@oem99.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe []
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2017-08-11 2090152]
R2 btwdins;Bluetooth Service; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [2012-12-30 960368]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-08-17 103072]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-10-09 1085968]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe []
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-06-21 1269824]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [2017-10-02 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-05 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119665
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosba o pomoc - zvláštní chování PC

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
milpec
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 14 pro 2008 01:57

Re: Prosba o pomoc - zvláštní chování PC

#3 Příspěvek od milpec »

Děkuji a připojuji log. Ještě jsem si všiml, že nejdou otevřít ani dokumenty *.pdf, resp. po kliknutí na dokument pouze problikne kurzor a to je vše. Žádná chybová hláška, nic ...

**************************************************************

# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 26 18:15:05 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
Deleted: Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8


***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Slunečnice - slunecnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2642 B] - [2017/7/1 18:25:41]
C:/AdwCleaner/AdwCleaner[S1].txt - [1385 B] - [2015/9/11 15:35:34]
C:/AdwCleaner/AdwCleaner[S2].txt - [1473 B] - [2015/11/18 19:48:19]
C:/AdwCleaner/AdwCleaner[S3].txt - [1731 B] - [2015/11/28 14:41:35]
C:/AdwCleaner/AdwCleaner[S4].txt - [1741 B] - [2015/12/31 10:31:56]
C:/AdwCleaner/AdwCleaner[S5].txt - [1675 B] - [2017/7/1 18:24:11]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119665
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosba o pomoc - zvláštní chování PC

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
milpec
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 14 pro 2008 01:57

Re: Prosba o pomoc - zvláštní chování PC

#5 Příspěvek od milpec »

Zasílám nový log, ale mezitím jsem ještě opakovaně pátral a zjistil jsem, že problém pravděpodobně způsobuje některá z posledních aktualizací MBAM, resp. jedna vrstva ochrany proti exploitům. Pokud tuto ochranu vypnu, tak již jdou spouštět všechny internetové prohlížeče i soubory pdf. Takže pokud neobjevíte nějakou podezřelost v logu, tak bude asi vyřešeno :-)

Děkuji

*************************************************************************************

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-10-26 20:59:42
Microsoft Windows 8.1
System drive C: has 6 GB (6%) free of 106 GB
Total RAM: 16337 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:45, on 26. 10. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Hobby-téka\Office\MSACCESS.EXE
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [SDTray] "E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem99.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15184 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\ASUS\Bluetooth Software\btwdins.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {f695262e-0f76-4e17-9c6d12301b8e4fcf}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\WINDOWS\Explorer.EXE
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe" -silent
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-92eb6d5c-f56c-4788-b167-c6df3e5bc91e -SystemEventPortName:HostProcess-96f375ad-177d-4e19-b7c3-ea89dad63db1 -IoCancelEventPortName:HostProcess-3e0703a0-45a6-477c-9b1e-321cd298321f -NonStateChangingEventPortName:HostProcess-e3a2ff8b-6694-4ecb-a035-27e3e5b0c58c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1b647ceb-456d-4f31-9e55-b98a6a6e0ec8 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files\ASUS\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files\ASUS\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe"
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.62 --initial-client-data=0x1c4,0x224,0x22c,0x1c8,0x230,0x7ff8d5ff27d0,0x7ff8d5ff27e8,0x7ff8d5ff27a0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7800 --on-initialized-event-handle=708 --parent-handle=716 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=C2B481BB387498FCF1C71BBF8D9D8745 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=C2B481BB387498FCF1C71BBF8D9D8745 --renderer-client-id=3 --mojo-platform-channel-handle=2480 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=96B94275049E1AA339ACEBC6C48D26A8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=96B94275049E1AA339ACEBC6C48D26A8 --renderer-client-id=4 --mojo-platform-channel-handle=2632 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=4EA5FFFC773CFD80CD0C4A5E1A492D53 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=4EA5FFFC773CFD80CD0C4A5E1A492D53 --renderer-client-id=5 --mojo-platform-channel-handle=2648 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=D280184FD017412D30CED66D2E48C071 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=D280184FD017412D30CED66D2E48C071 --renderer-client-id=6 --mojo-platform-channel-handle=2644 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=3D0B59068813970E2BB5A9BB26E6BA8E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=3D0B59068813970E2BB5A9BB26E6BA8E --renderer-client-id=7 --mojo-platform-channel-handle=2656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=6931CBFC0A36CD67ACDCE2A925AE4D95 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=6931CBFC0A36CD67ACDCE2A925AE4D95 --renderer-client-id=8 --mojo-platform-channel-handle=2668 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --use-gl=swiftshader-webgl --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=71C28AB28FF362003D94B6FD24A7C5E0 --mojo-platform-channel-handle=4424 --ignored=" --type=renderer " /prefetch:2
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.fd384ac15ffbc93d > \\.\pipe\chrome.nativeMessaging.out.fd384ac15ffbc93d
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=C8C43C23C1EB9FB21EE636ABA9006767 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=C8C43C23C1EB9FB21EE636ABA9006767 --renderer-client-id=15 --mojo-platform-channel-handle=7808 /prefetch:1
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\ASUS\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=6C0B952E038C0EF836BCF5F2EAFA02C3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=6C0B952E038C0EF836BCF5F2EAFA02C3 --renderer-client-id=22 --mojo-platform-channel-handle=2860 /prefetch:1
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbam.exe"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7804 CREDAT:267521 /prefetch:2
C:\WINDOWS\splwow64.exe 4096
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=6832D5A4E2B61EC4C3E3D7325AB10102 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=6832D5A4E2B61EC4C3E3D7325AB10102 --renderer-client-id=24 --mojo-platform-channel-handle=2104 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=A07997CD515D7038EBE8EB75328F0684 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=A07997CD515D7038EBE8EB75328F0684 --renderer-client-id=26 --mojo-platform-channel-handle=7496 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=3957F76D321C8D86C5762B383FC8D368 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=3957F76D321C8D86C5762B383FC8D368 --renderer-client-id=71 --mojo-platform-channel-handle=2864 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=E207B0607CBF0B51B8EB616B21E80D23 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=E207B0607CBF0B51B8EB616B21E80D23 --renderer-client-id=78 --mojo-platform-channel-handle=1168 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=53012D8B6148DA300EB724073F5C514C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=53012D8B6148DA300EB724073F5C514C --renderer-client-id=86 --mojo-platform-channel-handle=16308 /prefetch:1
"C:\Users\Milan\AppData\Local\JDownloader v2.0\JDownloader2.exe"
"C:\Hobby-téka\Office\MSACCESS.EXE" "C:\Hobby-téka\HOBBY-téka.mde" /wrkgrp "C:\Hobby-téka\system.mdw"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2216,9817761764399112557,6253734699061653849,131072 --service-pipe-token=610EC859D06D5ADD444CB828EF00D2C2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=610EC859D06D5ADD444CB828EF00D2C2 --renderer-client-id=116 --mojo-platform-channel-handle=10252 /prefetch:1
taskeng.exe {0A1C93CC-3449-4F77-8DF6-9A530222A84D}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-10-02 534720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-10-02 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-25 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-25 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-10-02 534720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-10-02 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2017-10-02 321744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-10-09 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]
"SDTray"=E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2017-05-23 4174464]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-10-26 20:24:55 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-10-26 20:24:09 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-10-26 19:13:48 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2017-10-26 19:13:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-10-25 23:25:39 ----D---- C:\Program Files (x86)\trend micro
2017-10-25 23:20:10 ----D---- C:\rsit
2017-10-25 22:01:37 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-10-25 21:38:00 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-25 21:36:09 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-25 21:36:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-25 21:36:08 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-25 21:36:08 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\Wldap32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\win32k.sys
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\certcli.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\authz.dll
2017-10-10 20:26:06 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2017-10-10 20:26:06 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2017-10-10 20:26:06 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-10-10 20:26:02 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-10-07 17:29:51 ----D---- C:\UsbFix

======List of files/folders modified in the last 1 month======

2017-10-26 20:59:44 ----D---- C:\Program Files\trend micro
2017-10-26 20:57:20 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-10-26 20:55:49 ----D---- C:\WINDOWS\Temp
2017-10-26 20:55:00 ----D---- C:\WINDOWS\Prefetch
2017-10-26 20:49:10 ----D---- C:\Hobby-téka
2017-10-26 20:30:46 ----D---- C:\WINDOWS\system32\drivers\etc
2017-10-26 20:24:55 ----D---- C:\WINDOWS\system32\drivers
2017-10-26 20:22:44 ----D---- C:\WINDOWS\system32\Tasks
2017-10-26 20:22:44 ----D---- C:\Program Files (x86)\Opera
2017-10-26 20:20:56 ----D---- C:\WINDOWS\System32
2017-10-26 20:20:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-26 20:20:45 ----D---- C:\Program Files (x86)\SpeedFan
2017-10-26 20:15:58 ----D---- C:\Program Files\Bitdefender Agent
2017-10-26 20:15:13 ----A---- C:\bdlog.txt
2017-10-26 20:15:05 ----D---- C:\AdwCleaner
2017-10-26 20:02:00 ----D---- C:\WINDOWS\system32\sru
2017-10-26 19:26:59 ----D---- C:\WINDOWS\rescache
2017-10-26 19:26:49 ----D---- C:\WINDOWS\Microsoft.NET
2017-10-26 19:13:51 ----SD---- C:\ProgramData\Microsoft
2017-10-26 19:13:47 ----HD---- C:\ProgramData
2017-10-25 23:53:33 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-10-25 23:50:03 ----D---- C:\WINDOWS\system32\config
2017-10-25 23:49:05 ----D---- C:\WINDOWS\system32\FxsTmp
2017-10-25 23:42:50 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-10-25 23:37:55 ----SHD---- C:\System Volume Information
2017-10-25 23:37:27 ----D---- C:\WINDOWS\WinSxS
2017-10-25 23:37:16 ----D---- C:\WINDOWS\debug
2017-10-25 23:37:04 ----D---- C:\Program Files\Internet Explorer
2017-10-25 23:37:04 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-25 23:37:03 ----D---- C:\WINDOWS\system32\wbem
2017-10-25 23:37:03 ----D---- C:\Windows
2017-10-25 23:36:20 ----D---- C:\Program Files\Common Files\microsoft shared
2017-10-25 23:36:19 ----SHD---- C:\WINDOWS\Installer
2017-10-25 23:36:19 ----RSD---- C:\WINDOWS\Media
2017-10-25 23:36:19 ----HD---- C:\Users\Milan\AppData\Roaming\ zAnti Ransomeware Honeypot
2017-10-25 23:36:19 ----HD---- C:\Users\Milan\AppData\Roaming\ ! Anti Ransomeware Honeypot
2017-10-25 23:36:19 ----D---- C:\WINDOWS\system32\catroot2
2017-10-25 23:36:19 ----D---- C:\WINDOWS\servicing
2017-10-25 23:36:19 ----D---- C:\WINDOWS\PolicyDefinitions
2017-10-25 23:36:19 ----D---- C:\WINDOWS\Inf
2017-10-25 23:36:19 ----D---- C:\WINDOWS\Boot
2017-10-25 23:36:19 ----D---- C:\Users\Milan\AppData\Roaming\GHISLER
2017-10-25 23:36:18 ----RD---- C:\WINDOWS\ToastData
2017-10-25 23:36:18 ----D---- C:\WINDOWS\Tasks
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\migration
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SysWOW64
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\Sysprep
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\setup
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\migration
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\CodeIntegrity
2017-10-25 23:36:10 ----RD---- C:\Program Files
2017-10-25 23:35:07 ----D---- C:\WINDOWS\registration
2017-10-25 23:25:39 ----RD---- C:\Program Files (x86)
2017-10-25 23:11:04 ----D---- C:\WINDOWS\CbsTemp
2017-10-25 22:27:34 ----D---- C:\WINDOWS\SoftwareDistribution
2017-10-25 22:01:25 ----D---- C:\Program Files (x86)\Java
2017-10-25 21:39:57 ----D---- C:\ProgramData\Microsoft Help
2017-10-25 21:39:44 ----D---- C:\WINDOWS\system32\MRT
2017-10-25 21:37:59 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-25 21:24:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-25 20:27:16 ----D---- C:\WINDOWS\system32\Macromed
2017-10-25 20:27:15 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-23 21:29:42 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-10-23 19:34:14 ----D---- C:\WINDOWS\AppReadiness
2017-10-15 21:26:22 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-10-15 21:26:22 ----AD---- C:\ProgramData\Temp
2017-10-13 00:25:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-11 19:24:32 ----D---- C:\ProgramData\Package Cache
2017-10-11 19:24:22 ----D---- C:\Program Files (x86)\Garmin
2017-10-10 20:56:33 ----D---- C:\Users\Milan\AppData\Roaming\MusicBee
2017-10-10 20:40:24 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-10-05 21:08:50 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-10-02 1763744]
R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2017-05-11 47856]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2017-05-11 187688]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-10-02 362664]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2017-04-11 439576]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2017-10-02 1019880]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2017-06-06 133088]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2017-10-10 192952]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 bcbtums;@oem99.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-10-01 169240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\WINDOWS\system32\drivers\btwampfl.sys [2012-10-16 161144]
R3 btwaudio;@oem94.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2012-12-14 186736]
R3 btwavdt;@oem96.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\WINDOWS\system32\drivers\btwavdt.sys [2012-12-14 228120]
R3 btwl2cap;@oem97.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2012-12-14 22296]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem61.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2017-06-13 95024]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2017-10-26 110016]
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [2017-10-26 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2017-10-26 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2017-10-26 94144]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2017-06-13 73032]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2015-01-30 167424]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BcmBtRSupport;@oem99.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-10-01 2227992]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2017-08-11 2090152]
R2 btwdins;Bluetooth Service; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [2012-12-30 960368]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-08-17 103072]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-10-09 1085968]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-06-21 1269824]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2017-05-23 1776864]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2017-05-23 2131760]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2017-05-23 233936]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [2017-10-02 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-05 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119665
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosba o pomoc - zvláštní chování PC

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
milpec
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 14 pro 2008 01:57

Re: Prosba o pomoc - zvláštní chování PC

#7 Příspěvek od milpec »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-10-26 21:37:23
Microsoft Windows 8.1
System drive C: has 7 GB (7%) free of 106 GB
Total RAM: 16337 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:25, on 26. 10. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [SDTray] "E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem99.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14895 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\ASUS\Bluetooth Software\btwdins.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {dbf39ec8-18b8-453b-8394909016128eef}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\WINDOWS\Explorer.EXE
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe" -silent
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6554a646-c592-4a09-ac9f-9d2570876cf8 -SystemEventPortName:HostProcess-c11eb9ae-6371-468a-ae2d-e99e0685fc4c -IoCancelEventPortName:HostProcess-76e6bf57-1452-4698-8eaa-1b577ee6e8e2 -NonStateChangingEventPortName:HostProcess-00e05614-a1d4-4e20-87d2-69b8a966357e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ca95358-4e6b-4042-b4b7-ba55fa48afc9 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\10262017_213158.log
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files\ASUS\Bluetooth Software\BTTray.exe"
"C:\Program Files\ASUS\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcon.exe" --password
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.62 --initial-client-data=0x118,0x11c,0x120,0x114,0x124,0x7ffe556827d0,0x7ffe556827e8,0x7ffe556827a0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7112 --on-initialized-event-handle=456 --parent-handle=464 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=C1091C84393039A5024D962514549FFA --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=C1091C84393039A5024D962514549FFA --renderer-client-id=3 --mojo-platform-channel-handle=2316 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=6575FF009BCBB9DFF1455B89C6C44B79 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=6575FF009BCBB9DFF1455B89C6C44B79 --renderer-client-id=4 --mojo-platform-channel-handle=2492 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=5006C6C375ED26589DBB3FD73BEC9DCD --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=5006C6C375ED26589DBB3FD73BEC9DCD --renderer-client-id=5 --mojo-platform-channel-handle=2044 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=65614CFF0111C2B3D9901C08098B0845 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=65614CFF0111C2B3D9901C08098B0845 --renderer-client-id=6 --mojo-platform-channel-handle=2516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=3386734168C20E6746682C0952932AA9 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=3386734168C20E6746682C0952932AA9 --renderer-client-id=7 --mojo-platform-channel-handle=2528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=890522927650EE1C766F1B3A8338C3FA --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=890522927650EE1C766F1B3A8338C3FA --renderer-client-id=8 --mojo-platform-channel-handle=2540 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.a1952d9776c5aa55 > \\.\pipe\chrome.nativeMessaging.out.a1952d9776c5aa55
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --use-gl=swiftshader-webgl --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=B620B584C54A743A3BF84B70B19B002D --mojo-platform-channel-handle=4708 --ignored=" --type=renderer " /prefetch:2
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=9275D44C2027D1907C7A0881C37B6343 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=9275D44C2027D1907C7A0881C37B6343 --renderer-client-id=15 --mojo-platform-channel-handle=7640 /prefetch:1
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2008,2747110289877853721,9689200519006857636,131072 --service-pipe-token=8888781C666C8AC735AD5ABA80AF780B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=8888781C666C8AC735AD5ABA80AF780B --renderer-client-id=17 --mojo-platform-channel-handle=6540 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-10-02 534720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-10-02 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-25 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-25 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-10-02 534720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-10-02 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2017-10-02 321744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-10-09 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]
"SDTray"=E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2017-05-23 4174464]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-10-26 21:31:58 ----D---- C:\_OTM
2017-10-26 20:24:55 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-10-26 20:24:09 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-10-26 19:13:48 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2017-10-26 19:13:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-10-25 23:25:39 ----D---- C:\Program Files (x86)\trend micro
2017-10-25 23:20:10 ----D---- C:\rsit
2017-10-25 22:01:37 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-10-25 21:38:00 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-25 21:36:09 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-25 21:36:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-25 21:36:08 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-25 21:36:08 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-25 21:36:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\Wldap32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\win32k.sys
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-10-25 21:36:06 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\certcli.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-25 21:36:05 ----A---- C:\WINDOWS\system32\authz.dll
2017-10-10 20:26:06 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2017-10-10 20:26:06 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2017-10-10 20:26:06 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-10-10 20:26:02 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-10-07 17:29:51 ----D---- C:\UsbFix

======List of files/folders modified in the last 1 month======

2017-10-26 21:37:25 ----D---- C:\Program Files\trend micro
2017-10-26 21:36:35 ----D---- C:\WINDOWS\Temp
2017-10-26 21:36:05 ----D---- C:\WINDOWS\Prefetch
2017-10-26 21:34:51 ----D---- C:\Program Files\Bitdefender Agent
2017-10-26 21:34:45 ----D---- C:\WINDOWS\system32\drivers
2017-10-26 21:34:38 ----D---- C:\WINDOWS\system32\drivers\etc
2017-10-26 21:33:59 ----A---- C:\bdlog.txt
2017-10-26 21:30:46 ----D---- C:\Hobby-téka
2017-10-26 21:00:00 ----D---- C:\WINDOWS\system32\sru
2017-10-26 20:57:20 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-10-26 20:22:44 ----D---- C:\WINDOWS\system32\Tasks
2017-10-26 20:22:44 ----D---- C:\Program Files (x86)\Opera
2017-10-26 20:20:56 ----D---- C:\WINDOWS\System32
2017-10-26 20:20:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-26 20:20:45 ----D---- C:\Program Files (x86)\SpeedFan
2017-10-26 20:15:05 ----D---- C:\AdwCleaner
2017-10-26 19:26:59 ----D---- C:\WINDOWS\rescache
2017-10-26 19:26:49 ----D---- C:\WINDOWS\Microsoft.NET
2017-10-26 19:13:51 ----SD---- C:\ProgramData\Microsoft
2017-10-26 19:13:47 ----HD---- C:\ProgramData
2017-10-25 23:53:33 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-10-25 23:50:03 ----D---- C:\WINDOWS\system32\config
2017-10-25 23:49:05 ----D---- C:\WINDOWS\system32\FxsTmp
2017-10-25 23:42:50 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-10-25 23:37:55 ----SHD---- C:\System Volume Information
2017-10-25 23:37:27 ----D---- C:\WINDOWS\WinSxS
2017-10-25 23:37:16 ----D---- C:\WINDOWS\debug
2017-10-25 23:37:04 ----D---- C:\Program Files\Internet Explorer
2017-10-25 23:37:04 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-25 23:37:03 ----D---- C:\WINDOWS\system32\wbem
2017-10-25 23:37:03 ----D---- C:\Windows
2017-10-25 23:36:20 ----D---- C:\Program Files\Common Files\microsoft shared
2017-10-25 23:36:19 ----SHD---- C:\WINDOWS\Installer
2017-10-25 23:36:19 ----RSD---- C:\WINDOWS\Media
2017-10-25 23:36:19 ----HD---- C:\Users\Milan\AppData\Roaming\ zAnti Ransomeware Honeypot
2017-10-25 23:36:19 ----HD---- C:\Users\Milan\AppData\Roaming\ ! Anti Ransomeware Honeypot
2017-10-25 23:36:19 ----D---- C:\WINDOWS\system32\catroot2
2017-10-25 23:36:19 ----D---- C:\WINDOWS\servicing
2017-10-25 23:36:19 ----D---- C:\WINDOWS\PolicyDefinitions
2017-10-25 23:36:19 ----D---- C:\WINDOWS\Inf
2017-10-25 23:36:19 ----D---- C:\WINDOWS\Boot
2017-10-25 23:36:19 ----D---- C:\Users\Milan\AppData\Roaming\GHISLER
2017-10-25 23:36:18 ----RD---- C:\WINDOWS\ToastData
2017-10-25 23:36:18 ----D---- C:\WINDOWS\Tasks
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\migration
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-25 23:36:18 ----D---- C:\WINDOWS\SysWOW64
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\Sysprep
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\setup
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\migration
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-25 23:36:18 ----D---- C:\WINDOWS\system32\CodeIntegrity
2017-10-25 23:36:10 ----RD---- C:\Program Files
2017-10-25 23:35:07 ----D---- C:\WINDOWS\registration
2017-10-25 23:25:39 ----RD---- C:\Program Files (x86)
2017-10-25 23:11:04 ----D---- C:\WINDOWS\CbsTemp
2017-10-25 22:27:34 ----D---- C:\WINDOWS\SoftwareDistribution
2017-10-25 22:01:25 ----D---- C:\Program Files (x86)\Java
2017-10-25 21:39:57 ----D---- C:\ProgramData\Microsoft Help
2017-10-25 21:39:44 ----D---- C:\WINDOWS\system32\MRT
2017-10-25 21:37:59 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-25 21:24:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-25 20:27:16 ----D---- C:\WINDOWS\system32\Macromed
2017-10-25 20:27:15 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-23 21:29:42 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-10-23 19:34:14 ----D---- C:\WINDOWS\AppReadiness
2017-10-15 21:26:22 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-10-15 21:26:22 ----AD---- C:\ProgramData\Temp
2017-10-13 00:25:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-11 19:24:32 ----D---- C:\ProgramData\Package Cache
2017-10-11 19:24:22 ----D---- C:\Program Files (x86)\Garmin
2017-10-10 20:56:33 ----D---- C:\Users\Milan\AppData\Roaming\MusicBee
2017-10-10 20:40:24 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-10-05 21:08:50 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-10-02 1763744]
R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2017-05-11 47856]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2017-05-11 187688]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-10-02 362664]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2017-04-11 439576]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2017-10-02 1019880]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2017-06-06 133088]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2017-10-10 192952]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 bcbtums;@oem99.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-10-01 169240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\WINDOWS\system32\drivers\btwampfl.sys [2012-10-16 161144]
R3 btwaudio;@oem94.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2012-12-14 186736]
R3 btwavdt;@oem96.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\WINDOWS\system32\drivers\btwavdt.sys [2012-12-14 228120]
R3 btwl2cap;@oem97.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2012-12-14 22296]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem61.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2017-06-13 95024]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2017-10-26 110016]
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [2017-10-26 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2017-10-26 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2017-10-26 94144]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2017-06-13 73032]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2015-01-30 167424]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BcmBtRSupport;@oem99.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-10-01 2227992]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2017-08-11 2090152]
R2 btwdins;Bluetooth Service; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [2012-12-30 960368]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-08-17 103072]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-10-09 1085968]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-06-21 1269824]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2017-05-23 1776864]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2017-05-23 2131760]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2017-05-23 233936]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [2017-10-02 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-05 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119665
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosba o pomoc - zvláštní chování PC

#8 Příspěvek od Rudy »

OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
milpec
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 14 pro 2008 01:57

Re: Prosba o pomoc - zvláštní chování PC

#9 Příspěvek od milpec »

Ano, nyní již OK.

Děkuji.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119665
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosba o pomoc - zvláštní chování PC

#10 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“