reklamy,přesměrování na nevyžádané stránky
Napsal: 30 říj 2017 15:18
-prosim o kontrolu logu děkuji log-
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2017-10-30 15:15:48
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 14 GB (8%) free of 172 GB
Total RAM: 8079 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:48, on 30.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe
C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe
C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Disk\WebService.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Disk\WEBSER~1.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\ZfJRwqLPhIE\landhTGixw.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://time-to-read.ru/?
utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=256F29F2108A5A51F6A9F0E8D3607E4C&utm_d=20171030
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\jemin\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: YoutubeAdBlock - {C0D38E5A-7CF8-4105-8FE8-31B81443A114} - C:\Program Files (x86)\ZfJRwqLPhIE\k7zVdU1Vp.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)"
-AutoStart 1
O4 - HKCU\..\Run: [jemin] explorer.exe http://kb-ribaki.org
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MailRuUpdater] C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [MediaPlayerApplication] "C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe"
O4 - HKCU\..\Run: [ttkutpvogu] explorer "http://granena.ru/?
utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=256F29F2108A5A51F6A9F0E8D3607E4C&utm_d=20171030"
O4 - HKCU\..\Run: [KometaLaunchPanel] C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe
O4 - HKCU\..\Run: [ycAutoLaunch_8BD45C324E1801E78C906E73D35C9CF9] "C:\Users\jemin\AppData\Local\yc\Application\yc.exe" /prefetch:5
O4 - HKCU\..\Run: [KometaAutoLaunch_99329504B9DDFAA4DB3EFCC619BA3175] "C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --no-startup-window
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home
\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mail.Ru Update Service (mrupdsrv) - Mail.Ru - C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Unknown owner - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SvcHost Service Host - Unknown owner - C:\Windows\Microsoft\svchost.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater.Mail.Ru - Mail.Ru - C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14862 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:
\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation
\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {F792665E-3B10-4AF6-9A0E-C795239A6279}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe" --s
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation
\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA
Corporation\NvTelemetry\plugins" -r
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe" --s
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins
\SPUser" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3
-p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
taskeng.exe {99EFF703-24F4-4C95-BA10-E0DB404DCDEC}
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe" -userServiceMode
igfxEM.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe"
"C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe"
"C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe"
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --no-startup-window /prefetch:5
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe --type=crashpad-handler --no-rate-limit "--database=C:\Users\jemin\AppData\Local\Chromium\User Data\Crashpad" --
annotation=channel=unknown --annotation=plat=Win32 --annotation=prod=Kometa --annotation=ver=52.0.2743.82-devel --handshake-handle=0xbc
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=gpu-process --channel="4092.0.1178314280\628069049" --mojo-application-channel-token=334F24BFCB2F3DC794CEA9DA8295C786
--enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/AutomaticTabDiscarding/Enabled_Once_10-
gen2/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/DisallowFetchForD
ocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessionC
rashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Default
/InstanceID/Enabled/IntelligentSessionRestore/Enabled/LocalNTPSuggestionsService/Enabled/MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQualityE
stimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/PageRevisitInstrumentation/Enabled/Passw
ordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PreRead/NoPrefetchArgument2/Preconn
ectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLCommonName
MismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/Enabled/Sa
feBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/SettingsEnforcement/enforce_alw
ays_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/TriggeredResetFieldTrial/On/*UMA_CheckStates/
Checks/V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --disable-direct-composition --supports-dual-
gpus=false --gpu-driver-bug-workarounds=4,12,13,27,55,71 --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8800 --gpu-driver-date=10-12-2017 --
gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0412 --mojo-platform-channel-handle=1072 --ignored=" --type=renderer "
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=renderer --enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-
gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/*DisallowFetchFor
DocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessio
nCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/*ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Def
ault/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/*MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQu
alityEstimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled
/PasswordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PreRead/NoPrefetchArgument2/
PreconnectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLComm
onNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/En
abled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement/en
force_always_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/*UMA_Ch
eckStates/Checks/V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-
token=77BE1E29B0DC69B9B04CACA047788EBA --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-
settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-
texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E5CC7BB8128EE7FD2958CF7493CB19FA --mojo-application-channel-
token=A1F57F64C9FEF13301CB2D81A05B300E --channel="4092.2.1566782575\18009519" --mojo-platform-channel-handle=1824
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=renderer --enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-
gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/*DisallowFetchFor
DocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessio
nCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/*ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Def
ault/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/*MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQu
alityEstimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled
/PasswordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PreRead/NoPrefetchArgument2/
PreconnectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLComm
onNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/En
abled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement/en
force_always_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/*UMA_Ch
eckStates/Checks/V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-
token=6D7EFECE2BC71369FE86EE471C853CD0 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-
settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-
texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=9FDA6E17E94E137ECA59D62380824359 --mojo-application-channel-
token=1007EA8ACE522432645E95796B3F0354 --channel="4092.3.1681704669\2066998142" --mojo-platform-channel-handle=1784
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\jemin\AppData\Local\Steam\htmlcache" "-steampid=4804" "-buildid=1508910373" "-steamid=0" "-
clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu
--enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-
handler "--database=C:\Users\jemin\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\jemin\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --
annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x184,0x188,0x18c,0x180,0x190,0x510d81ec,0x510d81fc,0x510d820c
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-12530563101687251150-19667980631268325306-640023768881084936-1043091120940095888
"C:\Windows\Microsoft\svchost.exe.exe" -a cryptonight -o stratum+tcp://mine.moneropool.com:3333 -u
4B9Darzi85pHxc53y1KZ6BHpFhdFSbTMYHMbK5BCByM36HsbsXqVzHYHwkybR1272oaZ4zPJ2EP79bw4dRUJR9pLSebAhDM -p x -t 4
\??\C:\Windows\system32\conhost.exe "539200508-8322232759666672901299317021155691727-17077159271957922381-1855423359
C:\Disk\WebService.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation
\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --service-pipe-
token=B82A1FF0B933EADEE00DC6370C16D2C3 --lang=en-US --lang=en-US --log-file="C:\Users\jemin\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-
scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-
target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;
1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,35
53;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,1
0,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3
553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=B82A1FF0B933EADEE00DC6370C16D2C3 --renderer-client-id=2 --mojo-
platform-channel-handle=1724 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -d "C:\Program Files\NVIDIA Corporation\NvStreamSrv\SsauPlugins" -f "C:\ProgramData\NVIDIA Corporation\nvstreamsvc\NvcSSAU.log" -l
4 -r -c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
rundll32.exe "C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxcore.dll" RmWindowsHookSetup
rundll32.exe "C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxcore.dll" RmWindowsHookSetup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Disk\WEBSER~1.EXE 6576
C:\Disk\securedisk.exe -o mine4.12finance.com:4444 -u 49uCjDkMQQ1aqm5efnH79E22aveF6bFGBTVhusWQYBBfdpC5s8zXqzVVjD3xdj3vCd3GeRQ4rNPGmUdHu8GbNspVEbTZ1HE -p x -k -t 2 --donate-
level=1
\??\C:\Windows\system32\conhost.exe "2112698932-261814686-1126600200-1506111497760636152-1586562062400992681999407432
"C:\Program Files\Internet Explorer\iexplore.exe" "http://izogreb.ru/?utm_d=20171030"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2332 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Fraps\fraps64.dat"
"C:\Program Files (x86)\ZfJRwqLPhIE\landhTGixw.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe" "http://izogreb.ru/?utm_d=20171030"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:267521 /prefetch:2
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:1447250 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:4068628 /prefetch:2
"C:\Windows\Microsoft\svchost.exe" -k LocalService
"C:\Windows\Microsoft\svchost.exe.exe" -a cryptonight -o stratum+tcp://mine.moneropool.com:3333 -u
4B9Darzi85pHxc53y1KZ6BHpFhdFSbTMYHMbK5BCByM36HsbsXqVzHYHwkybR1272oaZ4zPJ2EP79bw4dRUJR9pLSebAhDM -p x -t 4
\??\C:\Windows\system32\conhost.exe "-11111682841779827271-562955083151889929370534620688376570-14398669031153010633
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=renderer --enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-
gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/*DisallowFetchFor
DocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessio
nCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/*ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Def
ault/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/*MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQu
alityEstimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled
/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PreRead/NoPrefetchArgument
2/PreconnectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLCom
monNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/
Enabled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/*SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement
/enforce_always_with_extensions_and_dse/*StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/*UMA
_CheckStates/Checks/*V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-
token=BF62AAFA0B981790C13FD0F38014004A --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-
settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-
texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=4752BF0ADC382C86B7FE8A7CBD1E0266 --mojo-application-channel-
token=4B508E9D0EACDAEB3E5679276F94AE79 --channel="4092.12.1379402529\1792081144" --mojo-platform-channel-handle=3064
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\jemin\Desktop\Nový textový dokument.txt
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\PjDfytumxbayONn.job - rundll32 "C:\Program Files (x86)\kqEuPYMaU\GXHxKF.dll",#1
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
C:\Windows\tasks\wupdate.job - C:\Users\jemin\AppData\Local\wupdate\wupdate.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-20 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2017-09-06 189288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}]
YoutubeAdBlock - C:\Program Files (x86)\ZfJRwqLPhIE\tZcAvuy.dll [2017-10-30 569856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}]
Search@Mail.Ru - C:\Users\jemin\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2017-10-30 1584856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-20 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2017-09-06 160192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}]
YoutubeAdBlock - C:\Program Files (x86)\ZfJRwqLPhIE\k7zVdU1Vp.dll [2017-10-30 402432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-20 255088]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-20 193136]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-10-11 1796032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"jemin"=explorer.exe http://kb-ribaki.org []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-10-25 3102496]
"MailRuUpdater"=C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe [2017-08-21 4100312]
"MediaPlayerApplication"=C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe [2017-10-30 1323520]
"ttkutpvogu"=explorer http://granena.ru/?utm_source=uoua03n&u ... d=20171030 []
"KometaLaunchPanel"=C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe [2017-10-30 4105312]
"ycAutoLaunch_8BD45C324E1801E78C906E73D35C9CF9"=C:\Users\jemin\AppData\Local\yc\Application\yc.exe [2017-10-19 4018688]
"KometaAutoLaunch_99329504B9DDFAA4DB3EFCC619BA3175"=C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe [2016-08-09 1535200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
"ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2016-07-19 75776]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PAexec]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-10-30 15:12:44 ----D---- C:\rsit
2017-10-30 15:05:12 ----ASH---- C:\hiberfil.sys
2017-10-30 13:08:23 ----D---- C:\Windat
2017-10-30 13:08:22 ----D---- C:\Program Files\LaCie Private Public
2017-10-30 13:08:22 ----D---- C:\Disk
2017-10-30 13:08:00 ----D---- C:\Program Files (x86)\EnjoyWiFi
2017-10-30 13:06:47 ----D---- C:\Users\jemin\AppData\Roaming\curl
2017-10-30 13:05:23 ----D---- C:\Users\jemin\AppData\Roaming\Subversion
2017-10-30 13:04:45 ----RSHD---- C:\Windows\Microsoft
2017-10-30 13:00:54 ----D---- C:\Program Files (x86)\zTWnHlzwjSUn
2017-10-30 13:00:54 ----D---- C:\Program Files (x86)\ZfJRwqLPhIE
2017-10-30 13:00:54 ----D---- C:\Program Files (x86)\JIdcnntTvnKU2
2017-10-30 13:00:53 ----D---- C:\Program Files (x86)\kqEuPYMaU
2017-10-30 13:00:48 ----D---- C:\Users\jemin\AppData\Roaming\MediaPlayerApplication
2017-10-30 12:58:08 ----D---- C:\Program Files (x86)\Mail.Ru
2017-10-30 12:58:03 ----D---- C:\ProgramData\Mail.Ru
2017-10-30 12:43:11 ----SHD---- C:\Config.Msi
2017-10-30 09:58:22 ----D---- C:\NVIDIA
2017-10-26 18:14:06 ----D---- C:\Users\jemin\AppData\Roaming\Burnaware
2017-10-26 18:14:02 ----D---- C:\Program Files (x86)\BurnAware Free
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvopencl.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvoglv64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvinitx.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\NvIFR64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvhdap64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\NvFBC64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvdispgenco6438800.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvdispco6438800.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvcuvid.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvcuda.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvcompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-10-23 17:55:13 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2017-10-23 17:30:34 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2017-10-16 16:42:14 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-16 16:20:29 ----A---- C:\Windows\system32\mshtml.dll
2017-10-16 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-16 16:20:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-16 16:20:28 ----A---- C:\Windows\system32\ieframe.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\wininet.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\win32k.sys
2017-10-16 16:20:27 ----A---- C:\Windows\system32\urlmon.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\tquery.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\rdpcorets.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\Query.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-16 16:20:27 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\mf.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\jscript9.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\jscript.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\iertutil.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlansec.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\webcheck.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\vbscript.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\themeui.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\t2embed.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\smss.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\schannel.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\rdpudd.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\ntdll.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mssvp.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mssrch.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\msctf.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mfps.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\kernel32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\kerberos.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\icaapi.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\gdi32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\certcli.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\advapi32.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wow64win.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wow64.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\winsrv.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wdigest.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\sspicli.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\srcore.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\srclient.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\secur32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\rstrui.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\occache.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssph.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msshooks.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msrating.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msobjs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msaudite.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mferror.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\lsass.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\inseng.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\iesetup.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\iernonce.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-16 16:20:25 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-16 16:20:25 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\credssp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\conhost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\auditpol.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidapi.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\adtschema.dll
2017-10-05 04:51:50 ----D---- C:\ProgramData\Slightly Mad Studios
2017-10-04 06:21:22 ----A---- C:\Windows\system32\nvdispgenco6438569.dll
2017-10-04 06:21:22 ----A---- C:\Windows\system32\nvdispco6438569.dll
2017-10-02 20:56:22 ----D---- C:\Users\jemin\AppData\Roaming\Roaming
======List of files/folders modified in the last 1 month======
2017-10-30 15:15:48 ----D---- C:\Program Files\trend micro
2017-10-30 15:11:04 ----D---- C:\Windows\System32
2017-10-30 15:11:04 ----D---- C:\Windows\inf
2017-10-30 15:11:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-30 15:10:29 ----D---- C:\Windows\temp
2017-10-30 15:08:21 ----D---- C:\Windows\system32\config
2017-10-30 15:08:14 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2017-10-30 15:05:55 ----D---- C:\Fraps
2017-10-30 15:05:54 ----D---- C:\Windows\system32\Tasks
2017-10-30 15:05:26 ----D---- C:\ProgramData\NVIDIA
2017-10-30 15:05:22 ----D---- C:\Program Files (x86)\Steam
2017-10-30 15:05:11 ----D---- C:\Windows\system32\drivers
2017-10-30 15:04:14 ----AD---- C:\ProgramData
2017-10-30 13:08:22 ----RD---- C:\Program Files
2017-10-30 13:08:00 ----RD---- C:\Program Files (x86)
2017-10-30 13:07:08 ----D---- C:\Windows\Tasks
2017-10-30 13:04:45 ----D---- C:\Windows
2017-10-30 13:00:10 ----D---- C:\Windows\SysWOW64
2017-10-30 13:00:05 ----HD---- C:\Windows\system32\GroupPolicy
2017-10-30 12:51:32 ----D---- C:\Windows\Minidump
2017-10-30 12:49:54 ----D---- C:\Windows\system32\DriverStore
2017-10-30 12:43:12 ----SHD---- C:\Windows\Installer
2017-10-30 12:43:09 ----SHD---- C:\System Volume Information
2017-10-30 12:42:40 ----D---- C:\ProgramData\Package Cache
2017-10-30 12:41:57 ----RSD---- C:\Windows\assembly
2017-10-30 12:20:48 ----D---- C:\ProgramData\NVIDIA Corporation
2017-10-27 03:46:53 ----D---- C:\Program Files (x86)\McAfee
2017-10-26 18:14:16 ----D---- C:\Program Files (x86)\Common Files
2017-10-26 18:14:05 ----D---- C:\ProgramData\McAfee
2017-10-25 18:42:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-25 18:42:40 ----D---- C:\Windows\system32\Macromed
2017-10-25 18:42:39 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-23 18:20:14 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-10-23 17:56:29 ----D---- C:\Users\jemin\AppData\Roaming\NVIDIA
2017-10-23 17:56:00 ----D---- C:\Program Files\NVIDIA Corporation
2017-10-23 17:32:16 ----D---- C:\Windows\system32\catroot2
2017-10-19 19:03:16 ----D---- C:\Users\jemin\AppData\Roaming\vlc
2017-10-16 21:09:10 ----D---- C:\Windows\rescache
2017-10-16 17:51:43 ----D---- C:\Windows\Microsoft.NET
2017-10-16 17:41:23 ----D---- C:\Windows\winsxs
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\migration
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-16 17:40:19 ----D---- C:\Windows\system32\sk-SK
2017-10-16 17:40:19 ----D---- C:\Windows\system32\migration
2017-10-16 17:40:19 ----D---- C:\Windows\system32\en-US
2017-10-16 17:40:19 ----D---- C:\Windows\system32\cs-CZ
2017-10-16 17:40:19 ----D---- C:\Windows\system32\Boot
2017-10-16 17:40:19 ----D---- C:\Windows\AppPatch
2017-10-16 17:40:19 ----D---- C:\Program Files\Internet Explorer
2017-10-16 17:40:19 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-16 16:44:24 ----D---- C:\Windows\system32\MRT
2017-10-16 16:42:12 ----AC---- C:\Windows\system32\MRT.exe
2017-10-12 22:33:56 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-10-12 22:33:56 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-10-12 22:33:56 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvapi64.dll
2017-10-12 21:25:58 ----A---- C:\Windows\NvContainerRecovery.bat
2017-10-12 20:55:22 ----A---- C:\Windows\system32\nvsvc64.dll
2017-10-12 20:55:22 ----A---- C:\Windows\system32\nvcpl.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nvsvcr.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nvshext.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nvmctray.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nv3dappshext.dll
2017-10-11 02:05:52 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2017-10-11 02:05:52 ----A---- C:\Windows\system32\nvspcap64.dll
2017-10-11 02:05:51 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2017-10-11 02:05:47 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2017-10-11 02:05:47 ----A---- C:\Windows\system32\nvaudcap64v.dll
2017-10-11 00:26:14 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat
2017-10-02 20:56:28 ----D---- C:\Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R1 MpKsl9d103eb1;MpKsl9d103eb1; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FB98098-255E-42AD-A999-79A93E22728B}\MpKsl9d103eb1.sys [2017-10-30 49392]
R1 wfcre;wfcre; C:\Windows\system32\drivers\wfcre.sys [2017-07-04 124288]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-02-14 111608]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-10-12 225208]
R3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2017-08-18 57792]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S1 MpKsl6ad3767b;MpKsl6ad3767b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FB98098-255E-42AD-A999-79A93E22728B}\MpKsl6ad3767b.sys [2017-10-30 49392]
S1 MpKslabc8ce25;MpKslabc8ce25; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FB98098-255E-42AD-A999-79A93E22728B}\MpKslabc8ce25.sys [2017-10-30 49392]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2000-01-01 395504]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2000-01-01 806128]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2017-10-30 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010
-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2016-07-19 108032]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2017-09-06 590880]
R2 mrupdsrv;Mail.Ru Update Service; C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe [2017-08-21 1314008]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-12 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2017-01-31 214520]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2016-11-23 4696960]
R2 SvcHost Service Host;SvcHost Service Host; C:\Windows\Microsoft\svchost.exe -k LocalService []
R2 Updater.Mail.Ru;Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe [2017-08-21 4100312]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
R3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-10-25 1641248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25 272384]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PAExec;PAExec; C:\Windows\PAExec.exe [2017-01-28 189112]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2017-10-30 15:15:48
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 14 GB (8%) free of 172 GB
Total RAM: 8079 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:48, on 30.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe
C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe
C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Disk\WebService.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Disk\WEBSER~1.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\ZfJRwqLPhIE\landhTGixw.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://time-to-read.ru/?
utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=256F29F2108A5A51F6A9F0E8D3607E4C&utm_d=20171030
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\jemin\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: YoutubeAdBlock - {C0D38E5A-7CF8-4105-8FE8-31B81443A114} - C:\Program Files (x86)\ZfJRwqLPhIE\k7zVdU1Vp.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)"
-AutoStart 1
O4 - HKCU\..\Run: [jemin] explorer.exe http://kb-ribaki.org
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MailRuUpdater] C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [MediaPlayerApplication] "C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe"
O4 - HKCU\..\Run: [ttkutpvogu] explorer "http://granena.ru/?
utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=256F29F2108A5A51F6A9F0E8D3607E4C&utm_d=20171030"
O4 - HKCU\..\Run: [KometaLaunchPanel] C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe
O4 - HKCU\..\Run: [ycAutoLaunch_8BD45C324E1801E78C906E73D35C9CF9] "C:\Users\jemin\AppData\Local\yc\Application\yc.exe" /prefetch:5
O4 - HKCU\..\Run: [KometaAutoLaunch_99329504B9DDFAA4DB3EFCC619BA3175] "C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --no-startup-window
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home
\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mail.Ru Update Service (mrupdsrv) - Mail.Ru - C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Unknown owner - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SvcHost Service Host - Unknown owner - C:\Windows\Microsoft\svchost.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater.Mail.Ru - Mail.Ru - C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14862 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:
\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation
\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {F792665E-3B10-4AF6-9A0E-C795239A6279}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe" --s
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation
\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA
Corporation\NvTelemetry\plugins" -r
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe" --s
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins
\SPUser" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3
-p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
taskeng.exe {99EFF703-24F4-4C95-BA10-E0DB404DCDEC}
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe" -userServiceMode
igfxEM.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe"
"C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe"
"C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe"
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --no-startup-window /prefetch:5
C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe --type=crashpad-handler --no-rate-limit "--database=C:\Users\jemin\AppData\Local\Chromium\User Data\Crashpad" --
annotation=channel=unknown --annotation=plat=Win32 --annotation=prod=Kometa --annotation=ver=52.0.2743.82-devel --handshake-handle=0xbc
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=gpu-process --channel="4092.0.1178314280\628069049" --mojo-application-channel-token=334F24BFCB2F3DC794CEA9DA8295C786
--enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/AutomaticTabDiscarding/Enabled_Once_10-
gen2/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/DisallowFetchForD
ocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessionC
rashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Default
/InstanceID/Enabled/IntelligentSessionRestore/Enabled/LocalNTPSuggestionsService/Enabled/MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQualityE
stimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/PageRevisitInstrumentation/Enabled/Passw
ordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PreRead/NoPrefetchArgument2/Preconn
ectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLCommonName
MismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/Enabled/Sa
feBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/SettingsEnforcement/enforce_alw
ays_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/TriggeredResetFieldTrial/On/*UMA_CheckStates/
Checks/V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --disable-direct-composition --supports-dual-
gpus=false --gpu-driver-bug-workarounds=4,12,13,27,55,71 --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8800 --gpu-driver-date=10-12-2017 --
gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0412 --mojo-platform-channel-handle=1072 --ignored=" --type=renderer "
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=renderer --enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-
gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/*DisallowFetchFor
DocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessio
nCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/*ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Def
ault/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/*MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQu
alityEstimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled
/PasswordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PreRead/NoPrefetchArgument2/
PreconnectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLComm
onNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/En
abled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement/en
force_always_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/*UMA_Ch
eckStates/Checks/V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-
token=77BE1E29B0DC69B9B04CACA047788EBA --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-
settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-
texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E5CC7BB8128EE7FD2958CF7493CB19FA --mojo-application-channel-
token=A1F57F64C9FEF13301CB2D81A05B300E --channel="4092.2.1566782575\18009519" --mojo-platform-channel-handle=1824
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=renderer --enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-
gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/*DisallowFetchFor
DocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessio
nCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/*ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Def
ault/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/*MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQu
alityEstimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled
/PasswordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PreRead/NoPrefetchArgument2/
PreconnectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLComm
onNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/En
abled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement/en
force_always_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/*UMA_Ch
eckStates/Checks/V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-
token=6D7EFECE2BC71369FE86EE471C853CD0 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-
settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-
texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=9FDA6E17E94E137ECA59D62380824359 --mojo-application-channel-
token=1007EA8ACE522432645E95796B3F0354 --channel="4092.3.1681704669\2066998142" --mojo-platform-channel-handle=1784
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\jemin\AppData\Local\Steam\htmlcache" "-steampid=4804" "-buildid=1508910373" "-steamid=0" "-
clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu
--enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-
handler "--database=C:\Users\jemin\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\jemin\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --
annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x184,0x188,0x18c,0x180,0x190,0x510d81ec,0x510d81fc,0x510d820c
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-12530563101687251150-19667980631268325306-640023768881084936-1043091120940095888
"C:\Windows\Microsoft\svchost.exe.exe" -a cryptonight -o stratum+tcp://mine.moneropool.com:3333 -u
4B9Darzi85pHxc53y1KZ6BHpFhdFSbTMYHMbK5BCByM36HsbsXqVzHYHwkybR1272oaZ4zPJ2EP79bw4dRUJR9pLSebAhDM -p x -t 4
\??\C:\Windows\system32\conhost.exe "539200508-8322232759666672901299317021155691727-17077159271957922381-1855423359
C:\Disk\WebService.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation
\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --service-pipe-
token=B82A1FF0B933EADEE00DC6370C16D2C3 --lang=en-US --lang=en-US --log-file="C:\Users\jemin\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-
scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-
target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;
1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,35
53;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,1
0,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3
553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=B82A1FF0B933EADEE00DC6370C16D2C3 --renderer-client-id=2 --mojo-
platform-channel-handle=1724 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -d "C:\Program Files\NVIDIA Corporation\NvStreamSrv\SsauPlugins" -f "C:\ProgramData\NVIDIA Corporation\nvstreamsvc\NvcSSAU.log" -l
4 -r -c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
rundll32.exe "C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxcore.dll" RmWindowsHookSetup
rundll32.exe "C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxcore.dll" RmWindowsHookSetup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Disk\WEBSER~1.EXE 6576
C:\Disk\securedisk.exe -o mine4.12finance.com:4444 -u 49uCjDkMQQ1aqm5efnH79E22aveF6bFGBTVhusWQYBBfdpC5s8zXqzVVjD3xdj3vCd3GeRQ4rNPGmUdHu8GbNspVEbTZ1HE -p x -k -t 2 --donate-
level=1
\??\C:\Windows\system32\conhost.exe "2112698932-261814686-1126600200-1506111497760636152-1586562062400992681999407432
"C:\Program Files\Internet Explorer\iexplore.exe" "http://izogreb.ru/?utm_d=20171030"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2332 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Fraps\fraps64.dat"
"C:\Program Files (x86)\ZfJRwqLPhIE\landhTGixw.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe" "http://izogreb.ru/?utm_d=20171030"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:267521 /prefetch:2
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:1447250 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:4068628 /prefetch:2
"C:\Windows\Microsoft\svchost.exe" -k LocalService
"C:\Windows\Microsoft\svchost.exe.exe" -a cryptonight -o stratum+tcp://mine.moneropool.com:3333 -u
4B9Darzi85pHxc53y1KZ6BHpFhdFSbTMYHMbK5BCByM36HsbsXqVzHYHwkybR1272oaZ4zPJ2EP79bw4dRUJR9pLSebAhDM -p x -t 4
\??\C:\Windows\system32\conhost.exe "-11111682841779827271-562955083151889929370534620688376570-14398669031153010633
"C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe" --type=renderer --enable-
features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingSer
viceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTi
meQueries,PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-
H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-
features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame --force-
fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-
gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/*DisallowFetchFor
DocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessio
nCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/*ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/IconNTP/Def
ault/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/*MainFrameBeforeActivation/Enabled/MaterialDesignDownloads/Enabled/MojoChannel/Enabled/*NetworkQu
alityEstimator/Enabled/NetworkTimeQueries/NetworkTimeQueriesEnabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled
/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PreRead/NoPrefetchArgument
2/PreconnectMore/Enabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SRTPromptFieldTrial/On/SSLCom
monNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/
Enabled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/*SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement
/enforce_always_with_extensions_and_dse/*StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/*UMA
_CheckStates/Checks/*V8CacheStrategiesForCacheStorage/none/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-
H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-
token=BF62AAFA0B981790C13FD0F38014004A --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-
settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-
texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=4752BF0ADC382C86B7FE8A7CBD1E0266 --mojo-application-channel-
token=4B508E9D0EACDAEB3E5679276F94AE79 --channel="4092.12.1379402529\1792081144" --mojo-platform-channel-handle=3064
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\jemin\Desktop\Nový textový dokument.txt
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\PjDfytumxbayONn.job - rundll32 "C:\Program Files (x86)\kqEuPYMaU\GXHxKF.dll",#1
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
C:\Windows\tasks\wupdate.job - C:\Users\jemin\AppData\Local\wupdate\wupdate.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-20 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2017-09-06 189288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}]
YoutubeAdBlock - C:\Program Files (x86)\ZfJRwqLPhIE\tZcAvuy.dll [2017-10-30 569856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}]
Search@Mail.Ru - C:\Users\jemin\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2017-10-30 1584856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-20 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2017-09-06 160192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}]
YoutubeAdBlock - C:\Program Files (x86)\ZfJRwqLPhIE\k7zVdU1Vp.dll [2017-10-30 402432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-20 255088]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-20 193136]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-10-11 1796032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"jemin"=explorer.exe http://kb-ribaki.org []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-10-25 3102496]
"MailRuUpdater"=C:\Users\jemin\AppData\Local\Mail.Ru\MailRuUpdater.exe [2017-08-21 4100312]
"MediaPlayerApplication"=C:\Users\jemin\AppData\Roaming\MediaPlayerApplication\MediaPlayerApplication.exe [2017-10-30 1323520]
"ttkutpvogu"=explorer http://granena.ru/?utm_source=uoua03n&u ... d=20171030 []
"KometaLaunchPanel"=C:\Users\jemin\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe [2017-10-30 4105312]
"ycAutoLaunch_8BD45C324E1801E78C906E73D35C9CF9"=C:\Users\jemin\AppData\Local\yc\Application\yc.exe [2017-10-19 4018688]
"KometaAutoLaunch_99329504B9DDFAA4DB3EFCC619BA3175"=C:\Users\jemin\AppData\Local\Kometa\Application\kometa.exe [2016-08-09 1535200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
"ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2016-07-19 75776]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PAexec]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-10-30 15:12:44 ----D---- C:\rsit
2017-10-30 15:05:12 ----ASH---- C:\hiberfil.sys
2017-10-30 13:08:23 ----D---- C:\Windat
2017-10-30 13:08:22 ----D---- C:\Program Files\LaCie Private Public
2017-10-30 13:08:22 ----D---- C:\Disk
2017-10-30 13:08:00 ----D---- C:\Program Files (x86)\EnjoyWiFi
2017-10-30 13:06:47 ----D---- C:\Users\jemin\AppData\Roaming\curl
2017-10-30 13:05:23 ----D---- C:\Users\jemin\AppData\Roaming\Subversion
2017-10-30 13:04:45 ----RSHD---- C:\Windows\Microsoft
2017-10-30 13:00:54 ----D---- C:\Program Files (x86)\zTWnHlzwjSUn
2017-10-30 13:00:54 ----D---- C:\Program Files (x86)\ZfJRwqLPhIE
2017-10-30 13:00:54 ----D---- C:\Program Files (x86)\JIdcnntTvnKU2
2017-10-30 13:00:53 ----D---- C:\Program Files (x86)\kqEuPYMaU
2017-10-30 13:00:48 ----D---- C:\Users\jemin\AppData\Roaming\MediaPlayerApplication
2017-10-30 12:58:08 ----D---- C:\Program Files (x86)\Mail.Ru
2017-10-30 12:58:03 ----D---- C:\ProgramData\Mail.Ru
2017-10-30 12:43:11 ----SHD---- C:\Config.Msi
2017-10-30 09:58:22 ----D---- C:\NVIDIA
2017-10-26 18:14:06 ----D---- C:\Users\jemin\AppData\Roaming\Burnaware
2017-10-26 18:14:02 ----D---- C:\Program Files (x86)\BurnAware Free
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-10-23 17:55:13 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvopencl.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvoglv64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvinitx.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\NvIFR64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvhdap64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\NvFBC64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvdispgenco6438800.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvdispco6438800.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvcuvid.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvcuda.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\nvcompiler.dll
2017-10-23 17:55:13 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-10-23 17:55:13 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2017-10-23 17:30:34 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2017-10-16 16:42:14 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-16 16:20:29 ----A---- C:\Windows\system32\mshtml.dll
2017-10-16 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-16 16:20:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-16 16:20:28 ----A---- C:\Windows\system32\ieframe.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-16 16:20:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\wininet.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\win32k.sys
2017-10-16 16:20:27 ----A---- C:\Windows\system32\urlmon.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\tquery.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\rdpcorets.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\Query.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-16 16:20:27 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\mf.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\jscript9.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\jscript.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\iertutil.dll
2017-10-16 16:20:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-16 16:20:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlansec.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\webcheck.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\vbscript.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\themeui.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\t2embed.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\smss.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\schannel.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\rdpudd.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\ntdll.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mssvp.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mssrch.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\msctf.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mfps.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-16 16:20:26 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\kernel32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\kerberos.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\icaapi.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\gdi32.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-16 16:20:26 ----A---- C:\Windows\system32\certcli.dll
2017-10-16 16:20:26 ----A---- C:\Windows\system32\advapi32.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-16 16:20:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wow64win.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wow64.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\winsrv.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\wdigest.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\sspicli.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\srcore.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\srclient.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\secur32.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\rstrui.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\occache.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssph.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msshooks.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msrating.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msobjs.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\msaudite.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\mferror.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\lsass.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\inseng.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\iesetup.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\iernonce.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-16 16:20:25 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-16 16:20:25 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\credssp.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\conhost.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\auditpol.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-16 16:20:25 ----A---- C:\Windows\system32\appidapi.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-16 16:20:25 ----A---- C:\Windows\system32\adtschema.dll
2017-10-05 04:51:50 ----D---- C:\ProgramData\Slightly Mad Studios
2017-10-04 06:21:22 ----A---- C:\Windows\system32\nvdispgenco6438569.dll
2017-10-04 06:21:22 ----A---- C:\Windows\system32\nvdispco6438569.dll
2017-10-02 20:56:22 ----D---- C:\Users\jemin\AppData\Roaming\Roaming
======List of files/folders modified in the last 1 month======
2017-10-30 15:15:48 ----D---- C:\Program Files\trend micro
2017-10-30 15:11:04 ----D---- C:\Windows\System32
2017-10-30 15:11:04 ----D---- C:\Windows\inf
2017-10-30 15:11:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-30 15:10:29 ----D---- C:\Windows\temp
2017-10-30 15:08:21 ----D---- C:\Windows\system32\config
2017-10-30 15:08:14 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2017-10-30 15:05:55 ----D---- C:\Fraps
2017-10-30 15:05:54 ----D---- C:\Windows\system32\Tasks
2017-10-30 15:05:26 ----D---- C:\ProgramData\NVIDIA
2017-10-30 15:05:22 ----D---- C:\Program Files (x86)\Steam
2017-10-30 15:05:11 ----D---- C:\Windows\system32\drivers
2017-10-30 15:04:14 ----AD---- C:\ProgramData
2017-10-30 13:08:22 ----RD---- C:\Program Files
2017-10-30 13:08:00 ----RD---- C:\Program Files (x86)
2017-10-30 13:07:08 ----D---- C:\Windows\Tasks
2017-10-30 13:04:45 ----D---- C:\Windows
2017-10-30 13:00:10 ----D---- C:\Windows\SysWOW64
2017-10-30 13:00:05 ----HD---- C:\Windows\system32\GroupPolicy
2017-10-30 12:51:32 ----D---- C:\Windows\Minidump
2017-10-30 12:49:54 ----D---- C:\Windows\system32\DriverStore
2017-10-30 12:43:12 ----SHD---- C:\Windows\Installer
2017-10-30 12:43:09 ----SHD---- C:\System Volume Information
2017-10-30 12:42:40 ----D---- C:\ProgramData\Package Cache
2017-10-30 12:41:57 ----RSD---- C:\Windows\assembly
2017-10-30 12:20:48 ----D---- C:\ProgramData\NVIDIA Corporation
2017-10-27 03:46:53 ----D---- C:\Program Files (x86)\McAfee
2017-10-26 18:14:16 ----D---- C:\Program Files (x86)\Common Files
2017-10-26 18:14:05 ----D---- C:\ProgramData\McAfee
2017-10-25 18:42:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-25 18:42:40 ----D---- C:\Windows\system32\Macromed
2017-10-25 18:42:39 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-23 18:20:14 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-10-23 17:56:29 ----D---- C:\Users\jemin\AppData\Roaming\NVIDIA
2017-10-23 17:56:00 ----D---- C:\Program Files\NVIDIA Corporation
2017-10-23 17:32:16 ----D---- C:\Windows\system32\catroot2
2017-10-19 19:03:16 ----D---- C:\Users\jemin\AppData\Roaming\vlc
2017-10-16 21:09:10 ----D---- C:\Windows\rescache
2017-10-16 17:51:43 ----D---- C:\Windows\Microsoft.NET
2017-10-16 17:41:23 ----D---- C:\Windows\winsxs
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\migration
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-16 17:40:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-16 17:40:19 ----D---- C:\Windows\system32\sk-SK
2017-10-16 17:40:19 ----D---- C:\Windows\system32\migration
2017-10-16 17:40:19 ----D---- C:\Windows\system32\en-US
2017-10-16 17:40:19 ----D---- C:\Windows\system32\cs-CZ
2017-10-16 17:40:19 ----D---- C:\Windows\system32\Boot
2017-10-16 17:40:19 ----D---- C:\Windows\AppPatch
2017-10-16 17:40:19 ----D---- C:\Program Files\Internet Explorer
2017-10-16 17:40:19 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-16 16:44:24 ----D---- C:\Windows\system32\MRT
2017-10-16 16:42:12 ----AC---- C:\Windows\system32\MRT.exe
2017-10-12 22:33:56 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-10-12 22:33:56 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-10-12 22:33:56 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-10-12 22:33:56 ----A---- C:\Windows\system32\nvapi64.dll
2017-10-12 21:25:58 ----A---- C:\Windows\NvContainerRecovery.bat
2017-10-12 20:55:22 ----A---- C:\Windows\system32\nvsvc64.dll
2017-10-12 20:55:22 ----A---- C:\Windows\system32\nvcpl.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nvsvcr.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nvshext.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nvmctray.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-10-12 20:55:18 ----A---- C:\Windows\system32\nv3dappshext.dll
2017-10-11 02:05:52 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2017-10-11 02:05:52 ----A---- C:\Windows\system32\nvspcap64.dll
2017-10-11 02:05:51 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2017-10-11 02:05:47 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2017-10-11 02:05:47 ----A---- C:\Windows\system32\nvaudcap64v.dll
2017-10-11 00:26:14 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat
2017-10-02 20:56:28 ----D---- C:\Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R1 MpKsl9d103eb1;MpKsl9d103eb1; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FB98098-255E-42AD-A999-79A93E22728B}\MpKsl9d103eb1.sys [2017-10-30 49392]
R1 wfcre;wfcre; C:\Windows\system32\drivers\wfcre.sys [2017-07-04 124288]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-02-14 111608]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-10-12 225208]
R3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2017-08-18 57792]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S1 MpKsl6ad3767b;MpKsl6ad3767b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FB98098-255E-42AD-A999-79A93E22728B}\MpKsl6ad3767b.sys [2017-10-30 49392]
S1 MpKslabc8ce25;MpKslabc8ce25; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FB98098-255E-42AD-A999-79A93E22728B}\MpKslabc8ce25.sys [2017-10-30 49392]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2000-01-01 395504]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2000-01-01 806128]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2017-10-30 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010
-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2016-07-19 108032]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2017-09-06 590880]
R2 mrupdsrv;Mail.Ru Update Service; C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe [2017-08-21 1314008]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-12 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2017-01-31 214520]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2016-11-23 4696960]
R2 SvcHost Service Host;SvcHost Service Host; C:\Windows\Microsoft\svchost.exe -k LocalService []
R2 Updater.Mail.Ru;Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe [2017-08-21 4100312]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
R3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-10-25 1641248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25 272384]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PAExec;PAExec; C:\Windows\PAExec.exe [2017-01-28 189112]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
-ještě jednou dík -poslal jsem něco na podporu ,abych si udělal očko 