PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Preventive notebook check

#1 Post by Mrazaxor »

Hello,

I would like to ask for a preventive check of my notebook for the presence of malware and, if possible, also a check that nobody is abusing the PC to send spam, carry out DDoS attacks, etc.

It is about half a year old and I am not noticing any serious problems; only the system start-up seems slower than it used to be, the response when working with folders is sometimes worse, one of the Chrome tabs occasionally "crashes", and it takes quite a long time for a document to open in OpenOffice (up to 10 s). For completeness, I note that the RSIT log took about 3 minutes to generate, whereas the guide says it should take a few seconds.

Windows runs a scheduled disk defragmentation on the notebook once a week and an automatic cleanup of unneeded files, and about once every 2 months I clean up with CCleaner... Previously (while I had XP) I used TuneUp Utilities, but I have not installed them here yet. Do you think I should, or is the maintenance mentioned sufficient?

The standard CPU temperature (without load) is around 45 degrees and the HDD around 35 degrees; under load the CPU is 70-75 degrees and the HDD at most 45-50. I think that is OK, do you agree?

Thank you in advance for the time you devote to this thread.

Below, then, is the log.txt itself from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-07-31 21:56:02
Microsoft Windows 8.1
System drive C: has 671 GB (72%) free of 936 GB
Total RAM: 3987 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:10, on 31. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7754 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {DF75F337-7C1C-4329-B635-A6C81FF1E40A}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
dashost.exe {519ff4d5-2919-4373-9a31cbacaf4f673a}

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
taskhostex.exe
igfxHK.exe
igfxTray.exe
C:\Windows\Explorer.EXE
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
C:\Windows\system32\GWX\GWX.exe /updateconfig
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 3d9c3d57-7fbe-4201-ac4f-22376172310b 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041676887ae99.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bfad1feb1d22.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fc7fd189f8b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-08-19 5617432]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-06-20 22012688]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-31 21:56:03 ----D---- C:\Program Files\trend micro
2015-07-31 21:56:02 ----D---- C:\rsit
2015-07-31 21:51:26 ----A---- C:\RSITx64.exe
2015-07-28 20:53:54 ----A---- C:\Windows\system32\appraiser.dll
2015-07-21 10:51:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 10:51:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 10:51:01 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 10:51:01 ----A---- C:\Windows\system32\atmfd.dll
2015-07-17 11:57:48 ----D---- C:\Program Files (x86)\Metro Redux - Bundle
2015-07-16 01:09:55 ----SHD---- C:\Config.Msi
2015-07-15 10:30:55 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 10:30:55 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wups.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 10:29:16 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 10:29:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\certcli.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\audiosrv.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 10:29:01 ----A---- C:\Windows\system32\profsvc.dll
2015-07-15 10:29:01 ----A---- C:\Windows\system32\authui.dll
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 10:29:00 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 10:29:00 ----A---- C:\Windows\system32\msi.dll
2015-07-15 10:28:55 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-15 10:28:55 ----A---- C:\Windows\system32\shell32.dll
2015-07-15 10:28:55 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 10:28:54 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-15 10:28:54 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-15 10:28:54 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-15 10:28:04 ----AC---- C:\Windows\system32\drivers\bthport.sys
2015-07-15 10:28:00 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-15 10:27:57 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 10:27:57 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:27:56 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 10:27:28 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-15 10:27:28 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 10:27:28 ----A---- C:\Windows\system32\WSShared.dll
2015-07-15 10:27:28 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 10:27:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 10:27:27 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 10:26:36 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 10:26:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 10:26:29 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 10:26:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 10:26:27 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 10:26:27 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 10:26:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 10:26:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 10:22:22 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 10:22:22 ----A---- C:\Windows\system32\actxprxy.dll
2015-07-15 10:22:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\webcheck.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\inetcomm.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\iepeers.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 10:14:44 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-15 10:14:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 10:14:43 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 10:14:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 10:14:40 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 10:14:38 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-15 10:14:38 ----A---- C:\Windows\system32\msftedit.dll
2015-07-15 10:13:20 ----A---- C:\Windows\system32\apphelp.dll
2015-07-15 10:12:32 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 10:12:31 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 10:12:30 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2015-07-04 16:38:55 ----D---- C:\ProgramData\NVIDIA
2015-07-04 16:38:50 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-07-04 16:38:50 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-07-04 16:38:45 ----A---- C:\Windows\system32\nvsvc64.dll
2015-07-04 16:38:45 ----A---- C:\Windows\system32\nvshext.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvvsvc.exe
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvsvcr.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvmctray.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvcpl.dll
2015-07-04 16:36:33 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-07-04 16:36:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-07-04 16:36:29 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-04 16:36:29 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-04 16:36:29 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-04 16:36:29 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvapi64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

======List of files/folders modified in the last 1 month======

2015-07-31 21:56:03 ----RD---- C:\Program Files
2015-07-31 21:51:29 ----D---- C:\Windows\Temp
2015-07-31 21:45:14 ----D---- C:\Windows\system32\sru
2015-07-31 18:05:11 ----D---- C:\Windows\system32\config
2015-07-31 18:03:14 ----SHD---- C:\System Volume Information
2015-07-31 18:01:04 ----D---- C:\Windows\WinSxS
2015-07-31 17:55:57 ----D---- C:\Windows\Prefetch
2015-07-31 17:51:01 ----D---- C:\Windows\Microsoft.NET
2015-07-31 17:38:54 ----D---- C:\Windows\Inf
2015-07-31 01:46:09 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2015-07-30 19:26:07 ----HD---- C:\Program Files\WindowsApps
2015-07-29 02:09:29 ----D---- C:\Windows\CbsTemp
2015-07-29 02:08:07 ----RD---- C:\Windows\System32
2015-07-28 21:20:06 ----D---- C:\Windows\rescache
2015-07-27 23:25:48 ----D---- C:\Windows\system32\en-US
2015-07-27 23:25:48 ----D---- C:\Windows\system32\cs-CZ
2015-07-25 17:05:49 ----SD---- C:\Windows\system32\GWX
2015-07-24 18:16:23 ----D---- C:\Windows\AppReadiness
2015-07-23 09:19:09 ----D---- C:\Windows\SysWOW64
2015-07-22 00:50:20 ----D---- C:\Program Files (x86)\PokerStars
2015-07-21 10:51:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-21 01:58:40 ----D---- C:\Windows\system32\MRT
2015-07-18 12:00:30 ----D---- C:\Windows\system32\DriverStore
2015-07-17 12:51:34 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-17 11:57:48 ----D---- C:\Program Files (x86)
2015-07-17 03:06:50 ----D---- C:\Windows\apppatch
2015-07-17 03:06:49 ----D---- C:\Windows\system32\drivers
2015-07-17 03:06:49 ----D---- C:\Windows\system32\CodeIntegrity
2015-07-17 03:06:48 ----RD---- C:\Windows\ToastData
2015-07-17 03:06:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-17 03:06:47 ----D---- C:\Windows\WinStore
2015-07-17 03:06:47 ----D---- C:\Windows\system32\wbem
2015-07-17 03:06:47 ----D---- C:\Windows\system32\appraiser
2015-07-17 03:06:46 ----D---- C:\Program Files\Internet Explorer
2015-07-17 03:06:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 12:08:02 ----SHD---- C:\Windows\Installer
2015-07-16 11:52:28 ----D---- C:\Windows\system32\Tasks
2015-07-16 11:52:27 ----D---- C:\Windows\Tasks
2015-07-15 10:12:27 ----D---- C:\Windows\system32\catroot2
2015-07-13 23:10:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-04 16:39:12 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-04 16:38:55 ----HD---- C:\ProgramData
2015-07-04 16:38:43 ----D---- C:\Windows\Help
2015-07-04 16:38:43 ----D---- C:\Program Files\NVIDIA Corporation
2015-07-04 16:36:45 ----D---- C:\ProgramData\boost_interprocess
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-01 20:18:36 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-07-01 20:18:34 ----SD---- C:\ProgramData\Microsoft
2015-07-01 20:13:46 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2015-07-01 20:13:45 ----D---- C:\Program Files (x86)\PokerStrategy.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem15.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2013-08-26 239296]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-08-20 62136]
R1 dtsoftbus01;@oem23.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-01-03 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-08-20 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-08-20 168256]
R1 EpfwLWF;@oem37.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-08-20 44120]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-08-20 220232]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-02-14 3888640]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-28 3949656]
R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 LMDriver;@oem21.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-10 100312]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RadioShim;@oem21.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-28 854744]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-04-02 476888]
R3 SynRMIHID;@oem12.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-07-10 42736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AthBTPort;@oem18.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem17.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
S3 btath_avdt;@oem17.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-02-26 118984]
S3 BTATH_HCRP;@oem20.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
S3 BTATH_RCP;@oem24.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-02-26 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 ssudmdm;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-08-19 1337240]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-21 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 107912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-21 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119428
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive laptop check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before removing malware from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Mrazaxor
Visitor
Posts: 36
Registered: 08 Jan 2011 13:20

Re: Preventive laptop check

#3 Post by Mrazaxor »

Hello,

thank you for the reply. Below I attach the log from AdwCleaner:

# AdwCleaner v4.208 - Log vytvořen 02/08/2015 v 12:27:55
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Michal - MICHAL-PC
# Spuštěno z : C:\Users\Michal\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\ytd video downloader
Složka Smazáno : C:\ProgramData\pokki
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Složka Smazáno : C:\Program Files (x86)\GreenTree Applications
Soubor Smazáno : C:\Users\Public\Desktop\YTD Video Downloader.lnk
Soubor Smazáno : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Classes\pokki
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v44.0.2403.125

[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [1631 bytů] - [02/08/2015 12:24:10]
AdwCleaner[S0].txt - [1546 bytů] - [02/08/2015 12:27:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1604 bytů] ##########

Rudy
Site Admin
Posts: 119428
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive laptop check

#4 Post by Rudy »

Post a new RSIT log.

Mrazaxor
Visitor
Posts: 36
Registered: 08 Jan 2011 13:20

Re: Preventive laptop check

#5 Post by Mrazaxor »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-08-02 12:58:59
Microsoft Windows 8.1
System drive C: has 676 GB (72%) free of 936 GB
Total RAM: 3987 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:59:00, on 2. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7692 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe

winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 3d9c3d57-7fbe-4201-ac4f-22376172310b 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-da338201-2a0f-41d7-99ec-41e7c1dee2ad -SystemEventPortName:HostProcess-8b29b0cb-3332-4102-926e-3ee82a005762 -IoCancelEventPortName:HostProcess-814218fd-f7e9-48ba-989c-cc33240f3358 -NonStateChangingEventPortName:HostProcess-62a30949-3c0d-46eb-a51e-501bd73d7844 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:10a1f35a-834e-4433-bcea-006dcafe2e01 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
taskhostex.exe
taskeng.exe {7F28CC7B-AC09-4309-9BA5-0CEBE7F1C6FA}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
igfxEM.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
igfxHK.exe
igfxTray.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5020.0.786593440\168082722" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin1/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5020.3.1140309207\121859423" --font-cache-shared-handle=2940 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin1/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5020.4.1321136321\1412653751" --font-cache-shared-handle=3400 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin1/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5020.5.1687937080\1870347300" --font-cache-shared-handle=2676 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin1/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5020.6.368647369\805599812" --font-cache-shared-handle=5108 /prefetch:673131151

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041676887ae99.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bfad1feb1d22.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fc7fd189f8b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-08-19 5617432]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-06-20 22012688]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-02 12:23:48 ----D---- C:\AdwCleaner
2015-07-31 21:56:03 ----D---- C:\Program Files\trend micro
2015-07-31 21:56:02 ----D---- C:\rsit
2015-07-31 21:51:26 ----A---- C:\RSITx64.exe
2015-07-28 20:53:54 ----A---- C:\Windows\system32\appraiser.dll
2015-07-21 10:51:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 10:51:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 10:51:01 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 10:51:01 ----A---- C:\Windows\system32\atmfd.dll
2015-07-17 11:57:48 ----D---- C:\Program Files (x86)\Metro Redux - Bundle
2015-07-16 01:09:55 ----SHD---- C:\Config.Msi
2015-07-15 10:30:55 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 10:30:55 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wups.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 10:29:16 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 10:29:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\certcli.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\audiosrv.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 10:29:01 ----A---- C:\Windows\system32\profsvc.dll
2015-07-15 10:29:01 ----A---- C:\Windows\system32\authui.dll
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 10:29:00 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 10:29:00 ----A---- C:\Windows\system32\msi.dll
2015-07-15 10:28:55 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-15 10:28:55 ----A---- C:\Windows\system32\shell32.dll
2015-07-15 10:28:55 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 10:28:54 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-15 10:28:54 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-15 10:28:54 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-15 10:28:04 ----AC---- C:\Windows\system32\drivers\bthport.sys
2015-07-15 10:28:00 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-15 10:27:57 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 10:27:57 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:27:56 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 10:27:28 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-15 10:27:28 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 10:27:28 ----A---- C:\Windows\system32\WSShared.dll
2015-07-15 10:27:28 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 10:27:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 10:27:27 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 10:26:36 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 10:26:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 10:26:29 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 10:26:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 10:26:27 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 10:26:27 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 10:26:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 10:26:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 10:22:22 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 10:22:22 ----A---- C:\Windows\system32\actxprxy.dll
2015-07-15 10:22:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\webcheck.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\inetcomm.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\iepeers.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 10:14:44 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-15 10:14:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 10:14:43 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 10:14:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 10:14:40 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 10:14:38 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-15 10:14:38 ----A---- C:\Windows\system32\msftedit.dll
2015-07-15 10:13:20 ----A---- C:\Windows\system32\apphelp.dll
2015-07-15 10:12:32 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 10:12:31 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 10:12:30 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2015-07-04 16:38:55 ----D---- C:\ProgramData\NVIDIA
2015-07-04 16:38:50 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-07-04 16:38:50 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-07-04 16:38:45 ----A---- C:\Windows\system32\nvsvc64.dll
2015-07-04 16:38:45 ----A---- C:\Windows\system32\nvshext.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvvsvc.exe
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvsvcr.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvmctray.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvcpl.dll
2015-07-04 16:36:33 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-07-04 16:36:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-07-04 16:36:29 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-04 16:36:29 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-04 16:36:29 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-04 16:36:29 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvapi64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

======List of files/folders modified in the last 1 month======

2015-08-02 12:40:24 ----D---- C:\Windows\Temp
2015-08-02 12:39:59 ----D---- C:\Windows\Prefetch
2015-08-02 12:36:55 ----RD---- C:\Windows\System32
2015-08-02 12:36:55 ----D---- C:\Windows\Inf
2015-08-02 12:36:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-02 12:27:56 ----D---- C:\Program Files (x86)
2015-08-02 12:27:55 ----HD---- C:\ProgramData
2015-08-02 12:08:20 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2015-08-02 12:08:11 ----D---- C:\Windows\system32\sru
2015-08-02 03:33:19 ----D---- C:\Windows\Microsoft.NET
2015-07-31 23:48:51 ----D---- C:\Windows\system32\drivers\etc
2015-07-31 21:56:03 ----RD---- C:\Program Files
2015-07-31 21:49:48 ----D---- C:\Windows\system32\config
2015-07-31 18:03:14 ----SHD---- C:\System Volume Information
2015-07-31 18:01:04 ----D---- C:\Windows\WinSxS
2015-07-30 19:26:07 ----HD---- C:\Program Files\WindowsApps
2015-07-30 19:26:07 ----D---- C:\Windows\AppReadiness
2015-07-29 02:09:29 ----D---- C:\Windows\CbsTemp
2015-07-28 21:20:06 ----D---- C:\Windows\rescache
2015-07-27 23:25:48 ----D---- C:\Windows\system32\en-US
2015-07-27 23:25:48 ----D---- C:\Windows\system32\cs-CZ
2015-07-25 17:05:49 ----SD---- C:\Windows\system32\GWX
2015-07-23 09:19:09 ----D---- C:\Windows\SysWOW64
2015-07-22 00:50:20 ----D---- C:\Program Files (x86)\PokerStars
2015-07-21 01:58:40 ----D---- C:\Windows\system32\MRT
2015-07-18 12:00:30 ----D---- C:\Windows\system32\DriverStore
2015-07-17 12:51:34 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-17 03:06:50 ----D---- C:\Windows\apppatch
2015-07-17 03:06:49 ----D---- C:\Windows\system32\drivers
2015-07-17 03:06:49 ----D---- C:\Windows\system32\CodeIntegrity
2015-07-17 03:06:48 ----RD---- C:\Windows\ToastData
2015-07-17 03:06:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-17 03:06:47 ----D---- C:\Windows\WinStore
2015-07-17 03:06:47 ----D---- C:\Windows\system32\wbem
2015-07-17 03:06:47 ----D---- C:\Windows\system32\appraiser
2015-07-17 03:06:46 ----D---- C:\Program Files\Internet Explorer
2015-07-17 03:06:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 12:08:02 ----SHD---- C:\Windows\Installer
2015-07-16 11:52:28 ----D---- C:\Windows\system32\Tasks
2015-07-16 11:52:27 ----D---- C:\Windows\Tasks
2015-07-15 10:12:27 ----D---- C:\Windows\system32\catroot2
2015-07-13 23:10:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-04 16:39:12 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-04 16:38:43 ----D---- C:\Windows\Help
2015-07-04 16:38:43 ----D---- C:\Program Files\NVIDIA Corporation
2015-07-04 16:36:45 ----D---- C:\ProgramData\boost_interprocess
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem15.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2013-08-26 239296]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-08-20 62136]
R1 dtsoftbus01;@oem23.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-01-03 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-08-20 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-08-20 168256]
R1 EpfwLWF;@oem37.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-08-20 44120]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-08-20 220232]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-02-14 3888640]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-28 3949656]
R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 LMDriver;@oem21.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-10 100312]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RadioShim;@oem21.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-28 854744]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-04-02 476888]
R3 ssudmdm;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
R3 SynRMIHID;@oem12.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-07-10 42736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AthBTPort;@oem18.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem17.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
S3 btath_avdt;@oem17.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-02-26 118984]
S3 BTATH_HCRP;@oem20.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
S3 BTATH_RCP;@oem24.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-02-26 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-08-19 1337240]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-21 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 107912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-21 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119428
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive notebook check

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041676887ae99.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bfad1feb1d22.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fc7fd189f8b.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Mrazaxor
Visitor
Posts: 36
Registered: 08 Jan 2011 13:20

Re: Preventive notebook check

#7 Post by Mrazaxor »

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-08-02 13:35:51
Microsoft Windows 8.1
System drive C: has 678 GB (72%) free of 936 GB
Total RAM: 3987 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:35:54, on 2. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Michal\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8208 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 3d9c3d57-7fbe-4201-ac4f-22376172310b 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f61655c7-2388-49df-a1a2-89f8fd83c974 -SystemEventPortName:HostProcess-5b8aca33-0a21-4aa7-a8bc-cd5f994a2953 -IoCancelEventPortName:HostProcess-d4f5a344-ca0f-48c6-bf77-396652b03cf3 -NonStateChangingEventPortName:HostProcess-1081df96-48f2-4132-a4a7-5d2934b56fdd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b57e4878-624d-4f64-85b9-0541b2654600 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
taskhostex.exe
taskeng.exe {FEEDCA9B-B6EF-49FA-A458-52980AC44424}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
igfxHK.exe
igfxTray.exe
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Users\Michal\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\08022015_133138.log
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1392.0.1544125232\1783818415" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.1.1127629653\1212741221" --font-cache-shared-handle=1784 /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.4.1081302427\1591004694" --font-cache-shared-handle=4416 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.5.1761299364\30155791" --font-cache-shared-handle=5016 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.6.99936201\652357575" --font-cache-shared-handle=5392 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.7.1538358853\506615205" --font-cache-shared-handle=6200 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.8.1382784352\1449075522" --font-cache-shared-handle=3624 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.9.1273957359\1428720907" --font-cache-shared-handle=7024 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.10.911502154\627973055" --font-cache-shared-handle=7732 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.11.499779191\1984576205" --font-cache-shared-handle=8380 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.12.861756727\1780240327" --font-cache-shared-handle=9004 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1392.13.806015069\1293270860" --font-cache-shared-handle=7844 /prefetch:673131151
"C:\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-08-19 5617432]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-06-20 22012688]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-02 13:31:38 ----D---- C:\_OTM
2015-08-02 12:23:48 ----D---- C:\AdwCleaner
2015-07-31 21:56:03 ----D---- C:\Program Files\trend micro
2015-07-31 21:56:02 ----D---- C:\rsit
2015-07-31 21:51:26 ----A---- C:\RSITx64.exe
2015-07-28 20:53:54 ----A---- C:\Windows\system32\appraiser.dll
2015-07-21 10:51:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 10:51:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 10:51:01 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 10:51:01 ----A---- C:\Windows\system32\atmfd.dll
2015-07-17 11:57:48 ----D---- C:\Program Files (x86)\Metro Redux - Bundle
2015-07-16 01:09:55 ----SHD---- C:\Config.Msi
2015-07-15 10:30:55 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 10:30:55 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 10:30:55 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 10:30:55 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 10:30:54 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wups.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 10:30:54 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 10:29:16 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 10:29:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 10:29:15 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 10:29:15 ----A---- C:\Windows\system32\certcli.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\audiosrv.dll
2015-07-15 10:29:02 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 10:29:01 ----A---- C:\Windows\system32\profsvc.dll
2015-07-15 10:29:01 ----A---- C:\Windows\system32\authui.dll
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 10:29:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 10:29:00 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 10:29:00 ----A---- C:\Windows\system32\msi.dll
2015-07-15 10:28:55 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-15 10:28:55 ----A---- C:\Windows\system32\shell32.dll
2015-07-15 10:28:55 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 10:28:54 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-15 10:28:54 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-15 10:28:54 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-15 10:28:04 ----AC---- C:\Windows\system32\drivers\bthport.sys
2015-07-15 10:28:00 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-15 10:27:57 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 10:27:57 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:27:56 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 10:27:56 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 10:27:28 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-15 10:27:28 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 10:27:28 ----A---- C:\Windows\system32\WSShared.dll
2015-07-15 10:27:28 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 10:27:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 10:27:27 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 10:26:36 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 10:26:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 10:26:29 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 10:26:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 10:26:27 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 10:26:27 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 10:26:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 10:26:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 10:22:22 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 10:22:22 ----A---- C:\Windows\system32\actxprxy.dll
2015-07-15 10:22:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 10:22:20 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 10:22:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-07-15 10:22:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\webcheck.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\inetcomm.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\iepeers.dll
2015-07-15 10:22:19 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 10:14:44 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-15 10:14:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 10:14:43 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 10:14:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 10:14:40 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 10:14:38 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-15 10:14:38 ----A---- C:\Windows\system32\msftedit.dll
2015-07-15 10:13:20 ----A---- C:\Windows\system32\apphelp.dll
2015-07-15 10:12:32 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 10:12:31 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 10:12:30 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2015-07-04 16:38:55 ----D---- C:\ProgramData\NVIDIA
2015-07-04 16:38:50 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-07-04 16:38:50 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-07-04 16:38:45 ----A---- C:\Windows\system32\nvsvc64.dll
2015-07-04 16:38:45 ----A---- C:\Windows\system32\nvshext.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvvsvc.exe
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvsvcr.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvmctray.dll
2015-07-04 16:38:44 ----A---- C:\Windows\system32\nvcpl.dll
2015-07-04 16:36:33 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-07-04 16:36:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-07-04 16:36:29 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-04 16:36:29 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-04 16:36:29 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-04 16:36:29 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-04 16:36:28 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\nvapi64.dll
2015-07-04 16:36:28 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

======List of files/folders modified in the last 1 month======

2015-08-02 13:35:15 ----D---- C:\Windows\Temp
2015-08-02 13:34:14 ----D---- C:\Windows\Prefetch
2015-08-02 13:31:38 ----D---- C:\Windows\Tasks
2015-08-02 13:08:52 ----D---- C:\Windows\AppReadiness
2015-08-02 13:02:05 ----D---- C:\Windows\system32\sru
2015-08-02 12:36:55 ----RD---- C:\Windows\System32
2015-08-02 12:36:55 ----D---- C:\Windows\Inf
2015-08-02 12:36:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-02 12:27:56 ----D---- C:\Program Files (x86)
2015-08-02 12:27:55 ----HD---- C:\ProgramData
2015-08-02 12:08:20 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2015-08-02 03:33:19 ----D---- C:\Windows\Microsoft.NET
2015-07-31 23:48:51 ----D---- C:\Windows\system32\drivers\etc
2015-07-31 21:56:03 ----RD---- C:\Program Files
2015-07-31 21:49:48 ----D---- C:\Windows\system32\config
2015-07-31 18:03:14 ----SHD---- C:\System Volume Information
2015-07-31 18:01:04 ----D---- C:\Windows\WinSxS
2015-07-30 19:26:07 ----HD---- C:\Program Files\WindowsApps
2015-07-29 02:09:29 ----D---- C:\Windows\CbsTemp
2015-07-28 21:20:06 ----D---- C:\Windows\rescache
2015-07-27 23:25:48 ----D---- C:\Windows\system32\en-US
2015-07-27 23:25:48 ----D---- C:\Windows\system32\cs-CZ
2015-07-25 17:05:49 ----SD---- C:\Windows\system32\GWX
2015-07-23 09:19:09 ----D---- C:\Windows\SysWOW64
2015-07-22 00:50:20 ----D---- C:\Program Files (x86)\PokerStars
2015-07-21 01:58:40 ----D---- C:\Windows\system32\MRT
2015-07-18 12:00:30 ----D---- C:\Windows\system32\DriverStore
2015-07-17 12:51:34 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-17 03:06:50 ----D---- C:\Windows\apppatch
2015-07-17 03:06:49 ----D---- C:\Windows\system32\drivers
2015-07-17 03:06:49 ----D---- C:\Windows\system32\CodeIntegrity
2015-07-17 03:06:48 ----RD---- C:\Windows\ToastData
2015-07-17 03:06:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-17 03:06:47 ----D---- C:\Windows\WinStore
2015-07-17 03:06:47 ----D---- C:\Windows\system32\wbem
2015-07-17 03:06:47 ----D---- C:\Windows\system32\appraiser
2015-07-17 03:06:46 ----D---- C:\Program Files\Internet Explorer
2015-07-17 03:06:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 12:08:02 ----SHD---- C:\Windows\Installer
2015-07-16 11:52:28 ----D---- C:\Windows\system32\Tasks
2015-07-15 10:12:27 ----D---- C:\Windows\system32\catroot2
2015-07-13 23:10:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-04 16:39:12 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-04 16:38:43 ----D---- C:\Windows\Help
2015-07-04 16:38:43 ----D---- C:\Program Files\NVIDIA Corporation
2015-07-04 16:36:45 ----D---- C:\ProgramData\boost_interprocess
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem15.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2013-08-26 239296]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-08-20 62136]
R1 dtsoftbus01;@oem23.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-01-03 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-08-20 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-08-20 168256]
R1 EpfwLWF;@oem37.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-08-20 44120]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-08-20 220232]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-02-14 3888640]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-28 3949656]
R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 LMDriver;@oem21.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-10 100312]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RadioShim;@oem21.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-28 854744]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-04-02 476888]
R3 ssudmdm;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
R3 SynRMIHID;@oem12.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-07-10 42736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AthBTPort;@oem18.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem17.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
S3 btath_avdt;@oem17.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-02-26 118984]
S3 BTATH_HCRP;@oem20.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
S3 BTATH_RCP;@oem24.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-02-26 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-08-19 1337240]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-21 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 107912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-21 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]

-----------------EOF-----------------


Just to be safe, I am also attaching the log from OTM:

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041676887ae99.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bfad1feb1d22.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fc7fd189f8b.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michal
->Temp folder emptied: 752919105 bytes
->Temporary Internet Files folder emptied: 44800901 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 463486851 bytes
->Flash cache emptied: 1476 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 251926294 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 443,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Michal
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 08022015_133138

Files moved on Reboot...
C:\Users\Michal\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119428
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive laptop check

#8 Post by Rudy »

Deleted, the log is now OK. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Mrazaxor
Visitor
Posts: 36
Joined: 08 Jan 2011 13:20

Re: Preventive laptop check

#9 Post by Mrazaxor »

Cleaned up.

If everything is now in order, thank you very much for your help; you can close the topic.

Take care and all the best :)

Rudy
Site Admin
Posts: 119428
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive laptop check

#10 Post by Rudy »

That should be everything. You're welcome, and take care! :)