PC virus removal, computer speed-up, and remote help through the neslape.cz service

Slow operation + page redirects


Slow operation + page redirects

#1 Post by Fanouš »

Good evening, I would like to ask for a check of my log.
The browser redirects elsewhere ....
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-09-17 18:51:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 49 GB (10%) free of 477 GB
Total RAM: 4094 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:41, on 17.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Hry\Origin\Origin.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Breach and Clear\bnc.exe
C:\Program Files\trend micro\Tom.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\BrowserCleaner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EADM] "C:\Hry\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Surround Audio Service (RzSurroundVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9162 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
taskeng.exe {A1D76C3E-5039-4982-A58D-91929BECFD41}
taskeng.exe {B60BB4BB-2EB7-4A39-8F31-F153A2A63706}
"C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe" /startup
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" ccd84ba5-29eb-4aaf-a1b1-1ef69ab63b63
\??\C:\Windows\system32\conhost.exe "-1480378031600042854-152399056301965268148555469-581781449-18969259271609186850
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "-1355161330-620041187692948999-444269768812385686942282215-278508804-230394714
WLIDSvcM.exe 2996
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Hry\Origin\Origin.exe" -AutoStart
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Hry\Origin\IGOProxy64.exe -L DX10
C:\Hry\Origin\IGOProxy64.exe -L DX11
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Breach and Clear\bnc.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Tom\Downloads\RSITx64.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\BrowserCleaner.exe" /Chrome

======Scheduled tasks folder======

C:\Windows\tasks\733709e2-a1d9-4229-a606-a769796c31af.job - C:\Program Files (x86)\TheTorntv V10\faaa977f-cb01-43bf-b04b-8d85af1f92cd-4.exe /kFlyeZDW=
C:\Windows\tasks\8f597c7b-383f-4113-8fef-91c22b3219e0.job - C:\Program Files (x86)\TheGoPhoto.it V10\7971b466-1511-4ac2-abb8-519856420203-4.exe /ZqoJMD=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FreeFileViewerUpdateChecker.job - C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-23 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-17 14021336]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-18 1710568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"EADM"=C:\Hry\Origin\Origin.exe [2015-09-03 3638256]
"GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-09-12 815944]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-07-06 7800088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-03-06 5768992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exe [2015-09-05 7535672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-09-05 2018360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-23 5515496]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2015-03-12 590144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-17 18:51:30 ----D---- C:\Program Files\trend micro
2015-09-17 18:51:29 ----D---- C:\rsit
2015-09-17 18:36:08 ----D---- C:\Users\Tom\AppData\Roaming\SUPERAntiSpyware.com
2015-09-17 18:35:20 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2015-09-17 18:35:20 ----D---- C:\Program Files\SUPERAntiSpyware
2015-09-17 18:25:35 ----D---- C:\AdwCleaner
2015-09-16 22:08:12 ----AD---- C:\Windows\VDLL.DLL
2015-09-16 22:08:12 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\rundll16.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\RUNDL132.EXE
2015-09-16 22:08:12 ----AD---- C:\Windows\logo1_.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\logo_1.exe
2015-09-16 22:03:40 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2015-09-16 22:03:39 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2015-09-16 22:03:38 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2015-09-16 22:03:24 ----D---- C:\ProgramData\MicroWorld
2015-08-25 10:16:58 ----D---- C:\Users\Tom\AppData\Roaming\FreeFileViewer
2015-08-24 19:23:22 ----D---- C:\Program Files (x86)\FreeFileViewer
2015-08-24 18:38:14 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-08-24 18:36:23 ----D---- C:\temp
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvopencl.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvoglv64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\NvIFR64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\NvFBC64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvdispgenco6434181.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvdispco6434181.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcuvid.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcuda.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcompiler.dll
2015-08-24 17:52:54 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-08-24 17:52:54 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-08-24 17:38:10 ----D---- C:\Users\Tom\AppData\Roaming\Steam

======List of files/folders modified in the last 1 month======

2015-09-17 18:51:38 ----D---- C:\Windows\Temp
2015-09-17 18:51:30 ----D---- C:\Program Files
2015-09-17 18:45:53 ----D---- C:\Windows\system32\config
2015-09-17 18:45:43 ----D---- C:\Windows\SoftwareDistribution
2015-09-17 18:45:41 ----D---- C:\Windows
2015-09-17 18:44:51 ----D---- C:\Windows\system32\Tasks
2015-09-17 18:43:37 ----D---- C:\Users\Tom\AppData\Roaming\uTorrent
2015-09-17 18:40:49 ----A---- C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2015-09-17 18:36:08 ----HD---- C:\ProgramData
2015-09-17 18:30:38 ----D---- C:\ProgramData\Origin
2015-09-17 18:28:18 ----D---- C:\ProgramData\NVIDIA
2015-09-17 18:26:56 ----D---- C:\Windows\Tasks
2015-09-17 18:26:41 ----D---- C:\Windows\system32\log
2015-09-17 18:26:40 ----RD---- C:\Program Files (x86)
2015-09-17 15:53:17 ----D---- C:\Users\Tom\AppData\Roaming\Spotify
2015-09-17 15:52:47 ----D---- C:\Program Files (x86)\Steam
2015-09-17 15:47:04 ----D---- C:\Windows\system32\catroot2
2015-09-17 15:45:26 ----D---- C:\Windows\debug
2015-09-16 22:08:12 ----D---- C:\Windows\SysWOW64
2015-09-16 22:03:33 ----D---- C:\Program Files (x86)\Common Files
2015-09-16 16:07:10 ----D---- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
2015-09-16 16:06:15 ----D---- C:\Windows\inf
2015-09-16 16:06:13 ----D---- C:\Windows\Logs
2015-09-16 07:22:15 ----D---- C:\Windows\System32
2015-09-16 07:22:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 06:57:02 ----SHD---- C:\Windows\Installer
2015-09-15 06:57:02 ----SHD---- C:\Config.Msi
2015-09-13 19:17:51 ----D---- C:\ProgramData\ProductData
2015-09-13 07:15:27 ----D---- C:\Windows\Prefetch
2015-09-10 06:41:16 ----SHD---- C:\System Volume Information
2015-09-09 17:12:32 ----D---- C:\ProgramData\Ubisoft
2015-09-09 17:04:52 ----RSD---- C:\Windows\assembly
2015-09-09 16:47:36 ----D---- C:\Program Files (x86)\Ubisoft
2015-09-09 16:47:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-09-06 18:13:34 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-09-06 15:16:01 ----D---- C:\Program Files (x86)\THQ
2015-09-01 10:50:27 ----D---- C:\The KMPlayer
2015-08-27 17:12:08 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-08-27 17:10:47 ----D---- C:\Program Files (x86)\2K Games
2015-08-27 16:22:26 ----D---- C:\Program Files (x86)\Activision
2015-08-24 18:38:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-08-24 18:38:11 ----D---- C:\Windows\system32\DriverStore
2015-08-24 18:24:41 ----D---- C:\Windows\system32\drivers
2015-08-24 18:24:40 ----D---- C:\Program Files\NVIDIA Corporation
2015-08-24 17:52:58 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-24 15:14:47 ----D---- C:\ProgramData\Solidshield
2015-08-24 15:13:51 ----D---- C:\Program Files (x86)\Electronic Arts
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-08-18 10:48:55 ----A---- C:\Windows\system32\OpenCL.dll
2015-08-18 10:48:55 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-08-18 10:48:55 ----A---- C:\Windows\system32\nvapi64.dll
2015-08-18 02:07:25 ----A---- C:\Windows\system32\nvcpl.dll
2015-08-18 02:07:24 ----A---- C:\Windows\system32\nvsvc64.dll
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvvsvc.exe
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvsvcr.dll
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvshext.dll
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvmctray.dll
2015-08-18 01:30:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-08-18 01:30:08 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-08-18 01:29:44 ----A---- C:\Windows\system32\nvspcap64.dll
2015-08-18 01:29:44 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-23 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-23 272248]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2015-03-13 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-23 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-23 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-24 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-03-13 26528]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-23 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-23 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-23 137288]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-02-05 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-11-17 129600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-17 4496600]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-18 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-06 977624]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S3 cpuz137;cpuz137; \??\C:\Users\Tom\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 esgiguard;esgiguard; C:\Windows\system32\drivers\esgiguard.sys []
S3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-02-13 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service; C:\Windows\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2015-03-27 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-02-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-02-13 30208]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-23 343336]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 1155192]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-18 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 933168]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-17 76152]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-02-05 187072]
R2 RzSurroundVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [2015-02-03 4250624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-18 114688]
S3 Origin Client Service;Origin Client Service; C:\Hry\Origin\OriginClientService.exe [2015-09-03 2057736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-09-10 838848]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------



Thank you

Rudy
Site Admin
Posts: 118310
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow performance + page redirects

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Fanouš
Visitor
Posts: 109
Registered: 13 Aug 2006 10:51

Re: Slow performance + page redirects

#3 Post by Fanouš »

# AdwCleaner v5.007 - Logfile created 17/09/2015 at 20:10:49
# Updated 08/09/2015 by Xplode
# Database : 2015-09-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Tom - TOM-PC
# Running from : C:\Users\Tom\Downloads\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [623 bytes] ##########


Thank you, I ran it. Cleaned with SuperAntispyware...

Fanouš
Visitor
Posts: 109
Registered: 13 Aug 2006 10:51

Re: Slow performance + page redirects

#4 Post by Fanouš »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-09-17 20:36:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 49 GB (10%) free of 477 GB
Total RAM: 4094 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:50, on 17.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Hry\Origin\Origin.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Hry\Origin\IGOProxy.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EADM] "C:\Hry\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Surround Audio Service (RzSurroundVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9070 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
taskeng.exe {C937C656-46D7-468A-84B3-E3D9CF00C140}
taskeng.exe {D8435C59-0294-437D-84DA-88AD95BC8B5F}
"C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe" /startup
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" ccd84ba5-29eb-4aaf-a1b1-1ef69ab63b63
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "19991150978414263322047861296-1127979345631624617904657572-722454480655741902
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "63072550426645188910713842761631887841-950113774-1776568219-2005801801-245314301
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 3052
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Hry\Origin\Origin.exe" -AutoStart
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Hry\Origin\IGOProxy.exe -L DX11

"C:\Users\Tom\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\733709e2-a1d9-4229-a606-a769796c31af.job - C:\Program Files (x86)\TheTorntv V10\faaa977f-cb01-43bf-b04b-8d85af1f92cd-4.exe /kFlyeZDW=[encoded argument removed]
C:\Windows\tasks\8f597c7b-383f-4113-8fef-91c22b3219e0.job - C:\Program Files (x86)\TheGoPhoto.it V10\7971b466-1511-4ac2-abb8-519856420203-4.exe /ZqoJMD=[encoded argument removed]
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FreeFileViewerUpdateChecker.job - C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-23 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-17 14021336]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-18 1710568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"EADM"=C:\Hry\Origin\Origin.exe [2015-09-03 3638256]
"GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-09-12 815944]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-07-06 7800088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-03-06 5768992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exe [2015-09-05 7535672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-09-05 2018360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-23 5515496]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2015-03-12 590144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-17 18:51:30 ----D---- C:\Program Files\trend micro
2015-09-17 18:51:29 ----D---- C:\rsit
2015-09-17 18:36:08 ----D---- C:\Users\Tom\AppData\Roaming\SUPERAntiSpyware.com
2015-09-17 18:35:20 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2015-09-17 18:35:20 ----D---- C:\Program Files\SUPERAntiSpyware
2015-09-17 18:25:35 ----D---- C:\AdwCleaner
2015-09-16 22:08:12 ----AD---- C:\Windows\VDLL.DLL
2015-09-16 22:08:12 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\rundll16.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\RUNDL132.EXE
2015-09-16 22:08:12 ----AD---- C:\Windows\logo1_.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\logo_1.exe
2015-09-16 22:03:40 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2015-09-16 22:03:39 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2015-09-16 22:03:38 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2015-09-16 22:03:24 ----D---- C:\ProgramData\MicroWorld
2015-08-25 10:16:58 ----D---- C:\Users\Tom\AppData\Roaming\FreeFileViewer
2015-08-24 19:23:22 ----D---- C:\Program Files (x86)\FreeFileViewer
2015-08-24 18:38:14 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-08-24 18:36:23 ----D---- C:\temp
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvopencl.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvoglv64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\NvIFR64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\NvFBC64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvdispgenco6434181.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvdispco6434181.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcuvid.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcuda.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcompiler.dll
2015-08-24 17:52:54 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-08-24 17:52:54 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-08-24 17:38:10 ----D---- C:\Users\Tom\AppData\Roaming\Steam

======List of files/folders modified in the last 1 month======

2015-09-17 20:36:47 ----D---- C:\Windows\Temp
2015-09-17 20:24:38 ----A---- C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2015-09-17 20:14:18 ----D---- C:\ProgramData\Origin
2015-09-17 20:12:06 ----D---- C:\ProgramData\NVIDIA
2015-09-17 18:55:50 ----D---- C:\Windows\system32\catroot2
2015-09-17 18:51:30 ----D---- C:\Program Files
2015-09-17 18:45:53 ----D---- C:\Windows\system32\config
2015-09-17 18:45:43 ----D---- C:\Windows\SoftwareDistribution
2015-09-17 18:45:41 ----D---- C:\Windows
2015-09-17 18:44:51 ----D---- C:\Windows\system32\Tasks
2015-09-17 18:43:37 ----D---- C:\Users\Tom\AppData\Roaming\uTorrent
2015-09-17 18:36:08 ----HD---- C:\ProgramData
2015-09-17 18:26:56 ----D---- C:\Windows\Tasks
2015-09-17 18:26:41 ----D---- C:\Windows\system32\log
2015-09-17 18:26:40 ----RD---- C:\Program Files (x86)
2015-09-17 15:53:17 ----D---- C:\Users\Tom\AppData\Roaming\Spotify
2015-09-17 15:52:47 ----D---- C:\Program Files (x86)\Steam
2015-09-17 15:45:26 ----D---- C:\Windows\debug
2015-09-16 22:08:12 ----D---- C:\Windows\SysWOW64
2015-09-16 22:03:33 ----D---- C:\Program Files (x86)\Common Files
2015-09-16 16:07:10 ----D---- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
2015-09-16 16:06:15 ----D---- C:\Windows\inf
2015-09-16 16:06:13 ----D---- C:\Windows\Logs
2015-09-16 07:22:15 ----D---- C:\Windows\System32
2015-09-16 07:22:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 06:57:02 ----SHD---- C:\Windows\Installer
2015-09-15 06:57:02 ----SHD---- C:\Config.Msi
2015-09-13 19:17:51 ----D---- C:\ProgramData\ProductData
2015-09-13 07:15:27 ----D---- C:\Windows\Prefetch
2015-09-10 06:41:16 ----SHD---- C:\System Volume Information
2015-09-09 17:12:32 ----D---- C:\ProgramData\Ubisoft
2015-09-09 17:04:52 ----RSD---- C:\Windows\assembly
2015-09-09 16:47:36 ----D---- C:\Program Files (x86)\Ubisoft
2015-09-09 16:47:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-09-06 18:13:34 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-09-06 15:16:01 ----D---- C:\Program Files (x86)\THQ
2015-09-01 10:50:27 ----D---- C:\The KMPlayer
2015-08-27 17:12:08 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-08-27 17:10:47 ----D---- C:\Program Files (x86)\2K Games
2015-08-27 16:22:26 ----D---- C:\Program Files (x86)\Activision
2015-08-24 18:38:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-08-24 18:38:11 ----D---- C:\Windows\system32\DriverStore
2015-08-24 18:24:41 ----D---- C:\Windows\system32\drivers
2015-08-24 18:24:40 ----D---- C:\Program Files\NVIDIA Corporation
2015-08-24 17:52:58 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-24 15:14:47 ----D---- C:\ProgramData\Solidshield
2015-08-24 15:13:51 ----D---- C:\Program Files (x86)\Electronic Arts
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-08-18 10:48:55 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-08-18 10:48:55 ----A---- C:\Windows\system32\OpenCL.dll
2015-08-18 10:48:55 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-08-18 10:48:55 ----A---- C:\Windows\system32\nvapi64.dll
2015-08-18 02:07:25 ----A---- C:\Windows\system32\nvcpl.dll
2015-08-18 02:07:24 ----A---- C:\Windows\system32\nvsvc64.dll
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvvsvc.exe
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvsvcr.dll
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvshext.dll
2015-08-18 02:07:22 ----A---- C:\Windows\system32\nvmctray.dll
2015-08-18 01:30:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-08-18 01:30:08 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-08-18 01:29:44 ----A---- C:\Windows\system32\nvspcap64.dll
2015-08-18 01:29:44 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-23 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-23 272248]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2015-03-13 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-23 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-23 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-24 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-03-13 26528]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-23 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-23 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-23 137288]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-02-05 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-11-17 129600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-17 4496600]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-18 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-06 977624]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys []
S3 cpuz137;cpuz137; \??\C:\Users\Tom\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 esgiguard;esgiguard; C:\Windows\system32\drivers\esgiguard.sys []
S3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-02-13 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service; C:\Windows\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2015-03-27 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-02-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-02-13 30208]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-23 343336]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 1155192]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-18 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 933168]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-17 76152]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-02-05 187072]
R2 RzSurroundVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [2015-02-03 4250624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-18 114688]
S3 Origin Client Service;Origin Client Service; C:\Hry\Origin\OriginClientService.exe [2015-09-03 2057736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-09-10 838848]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118310
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow performance + page redirects

#5 Post by Rudy »

ADW found nothing. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files\McAfee Security Scan
C:\Windows\tasks\733709e2-a1d9-4229-a606-a769796c31af.job
C:\Program Files (x86)\TheTorntv V10
C:\Windows\tasks\8f597c7b-383f-4113-8fef-91c22b3219e0.job
C:\Program Files (x86)\TheGoPhoto.it V10
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off your antivirus, and restart the PC afterwards. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Fanouš
Visitor
Posts: 109
Joined: 13 Aug 2006 10:51

Re: Slow performance + page redirects

#6 Post by Fanouš »

Good morning, thank you, Rudy. I'll continue towards the evening.
F.

Rudy
Site Admin
Posts: 118310
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow performance + page redirects

#7 Post by Rudy »

OK.

Fanouš
Visitor
Posts: 109
Joined: 13 Aug 2006 10:51

Re: Slow performance + page redirects

#8 Post by Fanouš »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-09-18 18:05:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 49 GB (10%) free of 477 GB
Total RAM: 4094 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:11, on 18.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Hry\Origin\Origin.exe
C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EADM] "C:\Hry\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Surround Audio Service (RzSurroundVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9306 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
taskeng.exe {D4A7EA9E-4513-408D-8B15-93EE42BD1CDD}
taskeng.exe {2987933D-98FB-4ABA-95CB-3BB12E533224}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe" /startup
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" ccd84ba5-29eb-4aaf-a1b1-1ef69ab63b63
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
\??\C:\Windows\system32\conhost.exe "-1934446808-1730170045-725986512-1812377384-567247877-63077115040710532759189705
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-943371826-168960092453225180-187385186410510797311786065767-1717753447-430498389
WLIDSvcM.exe 2560
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Hry\Origin\Origin.exe" -AutoStart
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Hry\Origin\IGOProxy64.exe -L DX11
C:\Hry\Origin\IGOProxy64.exe -L DX10
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --incognito
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4668.0.248877877\494530512" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x05e2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4181 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A5_Stable_R8/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_46/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/I
nstall/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4668.1.610752921\1855063227" --font-cache-shared-handle=1916 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4668.9.523501724\496614762" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Tom\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FreeFileViewerUpdateChecker.job - C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-23 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-17 14021336]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-18 1710568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"EADM"=C:\Hry\Origin\Origin.exe [2015-09-03 3638256]
"GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-09-12 815944]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-07-06 7800088]
"Spotify Web Helper"=C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-09-05 2018360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exe [2015-09-05 7535672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-09-05 2018360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-23 5515496]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2015-03-12 590144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-18 17:39:13 ----D---- C:\_OTM
2015-09-17 20:59:23 ----D---- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-17 18:51:30 ----D---- C:\Program Files\trend micro
2015-09-17 18:51:29 ----D---- C:\rsit
2015-09-17 18:36:08 ----D---- C:\Users\Tom\AppData\Roaming\SUPERAntiSpyware.com
2015-09-17 18:35:20 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2015-09-17 18:35:20 ----D---- C:\Program Files\SUPERAntiSpyware
2015-09-17 18:25:35 ----D---- C:\AdwCleaner
2015-09-16 22:08:12 ----AD---- C:\Windows\VDLL.DLL
2015-09-16 22:08:12 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\rundll16.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\RUNDL132.EXE
2015-09-16 22:08:12 ----AD---- C:\Windows\logo1_.exe
2015-09-16 22:08:12 ----AD---- C:\Windows\logo_1.exe
2015-09-16 22:03:40 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2015-09-16 22:03:39 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2015-09-16 22:03:38 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2015-09-16 22:03:24 ----D---- C:\ProgramData\MicroWorld
2015-08-25 10:16:58 ----D---- C:\Users\Tom\AppData\Roaming\FreeFileViewer
2015-08-24 19:23:22 ----D---- C:\Program Files (x86)\FreeFileViewer
2015-08-24 18:38:14 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-08-24 18:36:23 ----D---- C:\temp
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-08-24 18:22:53 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvopencl.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvoglv64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\NvIFR64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\NvFBC64.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\nvdispgenco6434181.dll
2015-08-24 18:22:53 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-08-24 18:22:52 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvdispco6434181.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcuvid.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcuda.dll
2015-08-24 18:22:52 ----A---- C:\Windows\system32\nvcompiler.dll
2015-08-24 17:52:54 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-08-24 17:52:54 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-08-24 17:38:10 ----D---- C:\Users\Tom\AppData\Roaming\Steam

======List of files/folders modified in the last 1 month======

2015-09-18 18:05:11 ----A---- C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2015-09-18 18:05:09 ----D---- C:\Windows\Temp
2015-09-18 17:54:17 ----D---- C:\ProgramData\Origin
2015-09-18 17:51:37 ----D---- C:\ProgramData\NVIDIA
2015-09-18 17:39:30 ----D---- C:\Windows\SysWOW64
2015-09-18 17:39:30 ----D---- C:\Windows
2015-09-18 17:39:14 ----D---- C:\Windows\Tasks
2015-09-18 17:39:14 ----D---- C:\Program Files
2015-09-17 22:02:53 ----D---- C:\Users\Tom\AppData\Roaming\Spotify
2015-09-17 20:59:57 ----D---- C:\Program Files (x86)\IObit
2015-09-17 20:59:41 ----D---- C:\Windows\system32\Tasks
2015-09-17 20:59:23 ----HD---- C:\ProgramData
2015-09-17 18:55:50 ----D---- C:\Windows\system32\catroot2
2015-09-17 18:45:53 ----D---- C:\Windows\system32\config
2015-09-17 18:45:43 ----D---- C:\Windows\SoftwareDistribution
2015-09-17 18:43:37 ----D---- C:\Users\Tom\AppData\Roaming\uTorrent
2015-09-17 18:26:41 ----D---- C:\Windows\system32\log
2015-09-17 18:26:40 ----RD---- C:\Program Files (x86)
2015-09-17 15:52:47 ----D---- C:\Program Files (x86)\Steam
2015-09-17 15:45:26 ----D---- C:\Windows\debug
2015-09-16 22:03:33 ----D---- C:\Program Files (x86)\Common Files
2015-09-16 16:07:10 ----D---- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
2015-09-16 16:06:15 ----D---- C:\Windows\inf
2015-09-16 16:06:13 ----D---- C:\Windows\Logs
2015-09-16 07:22:15 ----D---- C:\Windows\System32
2015-09-16 07:22:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 06:57:02 ----SHD---- C:\Windows\Installer
2015-09-15 06:57:02 ----SHD---- C:\Config.Msi
2015-09-13 19:17:51 ----D---- C:\ProgramData\ProductData
2015-09-13 07:15:27 ----D---- C:\Windows\Prefetch
2015-09-10 06:41:16 ----SHD---- C:\System Volume Information
2015-09-09 17:12:32 ----D---- C:\ProgramData\Ubisoft
2015-09-09 17:04:52 ----RSD---- C:\Windows\assembly
2015-09-09 16:47:36 ----D---- C:\Program Files (x86)\Ubisoft
2015-09-09 16:47:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-09-06 18:13:34 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-09-06 15:16:01 ----D---- C:\Program Files (x86)\THQ
2015-09-01 10:50:27 ----D---- C:\The KMPlayer
2015-08-27 17:12:08 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-08-27 17:10:47 ----D---- C:\Program Files (x86)\2K Games
2015-08-27 16:22:26 ----D---- C:\Program Files (x86)\Activision
2015-08-24 18:38:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-08-24 18:38:11 ----D---- C:\Windows\system32\DriverStore
2015-08-24 18:24:41 ----D---- C:\Windows\system32\drivers
2015-08-24 18:24:40 ----D---- C:\Program Files\NVIDIA Corporation
2015-08-24 17:52:58 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-24 15:14:47 ----D---- C:\ProgramData\Solidshield
2015-08-24 15:13:51 ----D---- C:\Program Files (x86)\Electronic Arts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-23 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-23 272248]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2015-03-13 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-23 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-23 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-24 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-03-13 26528]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-23 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-23 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-23 137288]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-02-05 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-11-17 129600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-17 4496600]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-18 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-06 977624]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys []
S3 cpuz137;cpuz137; \??\C:\Users\Tom\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 esgiguard;esgiguard; C:\Windows\system32\drivers\esgiguard.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-02-13 19456]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service; C:\Windows\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2015-03-27 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-02-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-02-13 30208]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-23 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 1155192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-18 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 933168]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-17 76152]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-02-05 187072]
R2 RzSurroundVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [2015-02-03 4250624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-18 114688]
S3 Origin Client Service;Origin Client Service; C:\Hry\Origin\OriginClientService.exe [2015-09-03 2057736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-09-10 838848]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Fanouš
Visitor
Posts: 109
Registered: 13 Aug 2006 10:51

Re: Slow performance + page redirects

#9 Post by Fanouš »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Tom (administrator) on TOM-PC (18-09-2015 18:14:45)
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Electronic Arts) C:\Hry\Origin\Origin.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Spotify Ltd) C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Hry\Origin\igoproxy64.exe
() C:\Hry\Origin\igoproxy64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Tom\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKU\S-1-5-21-247765730-4293617776-642774430-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-247765730-4293617776-642774430-1001\...\Run: [EADM] => C:\Hry\Origin\Origin.exe [3638256 2015-09-03] (Electronic Arts)
HKU\S-1-5-21-247765730-4293617776-642774430-1001\...\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-12] (Google Inc.)
HKU\S-1-5-21-247765730-4293617776-642774430-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7800088 2015-07-06] (SUPERAntiSpyware)
HKU\S-1-5-21-247765730-4293617776-642774430-1001\...\Run: [Spotify Web Helper] => C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-05] (Spotify Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-23] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86FF4C68-3E33-4BD9-B6CC-A0EBEF30605A}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-247765730-4293617776-642774430-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-247765730-4293617776-642774430-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-247765730-4293617776-642774430-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> {B16EA7D2-BA8C-4575-9D89-E5CD15B79EEA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> No Name - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin HKU\S-1-5-21-247765730-4293617776-642774430-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-247765730-4293617776-642774430-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-24] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-24]

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid ... 4431&SSPV=
CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/"
CHR DefaultSearchKeyword: Profile 2 -> google.cz_
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Dokumenty Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Disk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-13]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-13]
CHR Extension: (Avast SafePrice) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-13]
CHR Extension: (Tabulky Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-17]
CHR Extension: (Avast Online Security) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-13]
CHR Extension: (ijjfcepcgakkhodjinacolfaeimnedbg) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg [2015-07-15]
CHR Extension: (Skype Click to Call) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-13]
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-05]
CHR Extension: (Dokumenty Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-17]
CHR Extension: (Disk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-17]
CHR Extension: (Adblock Plus) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17]
CHR Extension: (Avast SafePrice) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-17]
CHR Extension: (Tabulky Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-17]
CHR Extension: (Tlačítko Pin It) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-08-14]
CHR Extension: (ijjfcepcgakkhodjinacolfaeimnedbg) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg [2015-07-15]
CHR Extension: (Skype Click to Call) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-17]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-17]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-23] (Avast Software s.r.o.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Hry\Origin\OriginClientService.exe [2057736 2015-09-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-07-17] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 esgiguard; no ImagePath
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-13] (REALiX(tm))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [203672 2015-03-27] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 cpuz137; \??\C:\Users\Tom\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-18 18:14 - 2015-09-18 18:15 - 00023392 _____ C:\Users\Tom\Downloads\FRST.txt
2015-09-18 18:14 - 2015-09-18 18:14 - 00000000 ____D C:\FRST
2015-09-18 18:13 - 2015-09-18 18:13 - 02191360 _____ (Farbar) C:\Users\Tom\Downloads\FRST64 (1).exe
2015-09-18 18:11 - 2015-09-18 18:11 - 02191360 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2015-09-18 17:39 - 2015-09-18 17:39 - 00000000 ____D C:\_OTM
2015-09-18 17:37 - 2015-09-18 17:37 - 00522240 _____ (OldTimer Tools) C:\Users\Tom\Downloads\OTM (1).exe
2015-09-18 17:34 - 2015-09-18 17:34 - 00522240 _____ (OldTimer Tools) C:\Users\Tom\Downloads\OTM.exe
2015-09-17 21:03 - 2015-09-17 21:03 - 00000940 _____ C:\Windows\PFRO.log
2015-09-17 20:59 - 2015-09-17 20:59 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-17 18:51 - 2015-09-18 18:05 - 00000000 ____D C:\Program Files\trend micro
2015-09-17 18:51 - 2015-09-17 18:51 - 00000000 ____D C:\rsit
2015-09-17 18:50 - 2015-09-17 18:51 - 01222144 _____ C:\Users\Tom\Downloads\RSITx64.exe
2015-09-17 18:45 - 2015-09-17 19:10 - 00017969 _____ C:\Windows\WindowsUpdate.log
2015-09-17 18:44 - 2015-09-17 18:44 - 00003200 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-09-17 18:36 - 2015-09-17 18:36 - 00000000 ____D C:\Users\Tom\AppData\Roaming\SUPERAntiSpyware.com
2015-09-17 18:35 - 2015-09-17 18:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-09-17 18:35 - 2015-09-17 18:35 - 00001768 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-09-17 18:35 - 2015-09-17 18:35 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-09-17 18:35 - 2015-09-17 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-09-17 18:28 - 2015-09-18 17:52 - 00001512 _____ C:\Windows\setupact.log
2015-09-17 18:28 - 2015-09-17 18:28 - 00000000 _____ C:\Windows\setuperr.log
2015-09-17 18:25 - 2015-09-17 20:10 - 00000000 ____D C:\AdwCleaner
2015-09-17 18:22 - 2015-09-17 18:22 - 01660416 _____ C:\Users\Tom\Downloads\adwcleaner_5.007.exe
2015-09-17 18:18 - 2015-09-17 18:18 - 22411072 _____ (SUPERAntiSpyware) C:\Users\Tom\Downloads\SUPERAntiSpyware.exe
2015-09-16 22:08 - 2015-09-16 22:08 - 00000000 ____D C:\Windows\VDLL.DLL
2015-09-16 22:08 - 2015-09-16 22:08 - 00000000 ____D C:\Windows\SysWOW64\runouce.exe
2015-09-16 22:08 - 2015-09-16 22:08 - 00000000 ____D C:\Windows\rundll16.exe
2015-09-16 22:08 - 2015-09-16 22:08 - 00000000 ____D C:\Windows\RUNDL132.EXE
2015-09-16 22:08 - 2015-09-16 22:08 - 00000000 ____D C:\Windows\logo1_.exe
2015-09-16 22:08 - 2015-09-16 22:08 - 00000000 ____D C:\Windows\logo_1.exe
2015-09-16 22:04 - 2015-09-16 22:04 - 00000028 _____ C:\Windows\Lic.xxx
2015-09-16 22:03 - 2015-09-16 22:03 - 00632064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2015-09-16 22:03 - 2015-09-16 22:03 - 00554240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2015-09-16 22:03 - 2015-09-16 22:03 - 00034048 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2015-09-16 22:03 - 2015-09-16 22:03 - 00000000 ____D C:\ProgramData\MicroWorld
2015-09-16 22:03 - 2005-09-22 23:22 - 00000522 _____ C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest
2015-09-16 21:33 - 2015-09-16 21:35 - 68866904 _____ C:\Users\Tom\Downloads\mwav.exe
2015-09-15 14:12 - 2015-09-15 14:12 - 00021113 _____ C:\Users\Tom\Downloads\Lost.Planet - SKIDROW.torrent
2015-09-14 08:11 - 2015-09-14 08:11 - 00000210 _____ C:\Users\Tom\Downloads\ww2-radio.m3u
2015-09-13 11:03 - 2015-09-13 11:03 - 00000222 _____ C:\Users\Tom\Desktop\Saints Row IV.url
2015-09-11 23:40 - 2015-09-11 23:48 - 148487525 _____ C:\Users\Tom\Downloads\Yelawolf---Love-Story-(2015).rar
2015-09-09 15:50 - 2015-09-17 15:54 - 00000000 ____D C:\Users\Tom\Downloads\Assassins.Creed.Brotherhood-SKIDROW
2015-09-09 15:48 - 2015-09-09 15:48 - 00041033 _____ C:\Users\Tom\Downloads\Assassins_Creed_Brotherhood-SKIDROW.6245875.TPB.torrent
2015-09-09 15:47 - 2015-09-09 15:47 - 00017806 _____ C:\Users\Tom\Downloads\Assassins.Creed.Brotherhood - SKIDROW.torrent
2015-09-06 22:41 - 2015-09-06 22:41 - 02241341 _____ C:\Users\Tom\Downloads\prilohy_10358.zip
2015-09-06 18:11 - 2015-09-06 18:11 - 00679936 _____ C:\Users\Tom\Downloads\Detection.msi
2015-09-06 16:06 - 2015-09-06 16:06 - 07776719 _____ C:\Users\Tom\Downloads\COH2-MP[Crack only].7z
2015-09-06 15:20 - 2015-09-09 15:49 - 00000000 ____D C:\Users\Tom\Downloads\Company of Heroes 2
2015-09-06 15:19 - 2015-09-06 15:19 - 00061233 _____ C:\Users\Tom\Downloads\[kat.cr]company.of.heroes.2.full.sc.torrent
2015-09-06 15:19 - 2015-09-06 15:19 - 00010282 _____ C:\Users\Tom\Downloads\[kat.cr]company.of.heroes.2.multiplayer.crack.only.torrent
2015-09-06 14:07 - 2015-09-06 14:07 - 00022279 _____ C:\Users\Tom\Downloads\Company_of_Heroes.3600563.TPB (1).torrent
2015-09-06 13:46 - 2015-09-06 13:46 - 00022279 _____ C:\Users\Tom\Downloads\Company_of_Heroes.3600563.TPB.torrent
2015-09-05 21:00 - 2015-09-05 21:01 - 00022890 _____ C:\Users\Tom\Downloads\Company-of-Heroes.torrent
2015-09-05 14:06 - 2015-09-05 14:06 - 00014544 _____ C:\Users\Tom\Downloads\Prince.of.Persia - SKIDROW.torrent
2015-09-05 13:58 - 2015-09-05 13:58 - 00017007 _____ C:\Users\Tom\Downloads\Company.of.Heroes - RELOADED.torrent
2015-09-05 13:54 - 2015-09-05 13:55 - 00025514 _____ C:\Users\Tom\Downloads\Company-of-Heroes-2.torrent
2015-09-03 19:37 - 2015-09-03 20:26 - 00000000 ____D C:\Users\Tom\Desktop\Nová složka (2)
2015-08-31 13:34 - 2015-08-31 13:44 - 101752357 _____ C:\Users\Tom\Downloads\Katapult---Hit-Album-3-2002.rar
2015-08-27 13:13 - 2015-08-27 13:13 - 00156176 _____ C:\Users\Tom\Downloads\call-of-duty-modern-warfare-3-reloaded-pc.torrent
2015-08-27 13:06 - 2015-08-27 13:06 - 38236542 _____ C:\Users\Tom\Downloads\Flashlight_77958772_-_from_Vimeo_by_Offliberty.mp4
2015-08-26 22:08 - 2015-08-26 22:08 - 00022612 _____ C:\Users\Tom\Downloads\6031.webp
2015-08-26 20:57 - 2015-08-26 20:57 - 00042484 _____ C:\Users\Tom\Downloads\5354.webp
2015-08-26 10:06 - 2015-08-26 10:06 - 00078676 _____ C:\Users\Tom\Downloads\Medal.of.Honor.Warfighter-FLT.torrent
2015-08-25 10:16 - 2015-08-25 10:20 - 00000000 ____D C:\Users\Tom\AppData\Roaming\FreeFileViewer
2015-08-24 21:53 - 2015-08-24 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2015-08-24 19:39 - 2015-08-24 19:39 - 00149001 _____ C:\Users\Tom\Downloads\State.of.Decay.Breakdown-SKIDROW.1.torrent
2015-08-24 19:24 - 2015-08-24 19:25 - 00000000 ____D C:\Users\Tom\AppData\Local\FreeFileViewer
2015-08-24 19:23 - 2015-09-18 17:52 - 00000398 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-08-24 19:23 - 2015-08-24 19:23 - 00003090 _____ C:\Windows\System32\Tasks\FreeFileViewerUpdateChecker
2015-08-24 19:23 - 2015-08-24 19:23 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\FreeFileViewer.lnk
2015-08-24 19:23 - 2015-08-24 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
2015-08-24 19:23 - 2015-08-24 19:23 - 00000000 ____D C:\Program Files (x86)\FreeFileViewer
2015-08-24 19:23 - 2015-08-24 19:22 - 18816752 _____ (Bitberry Software ) C:\Users\Tom\Downloads\FreeFileViewerSetup [1].exe
2015-08-24 19:22 - 2015-08-24 19:22 - 01324480 _____ C:\Users\Tom\Downloads\FreeFileViewerSetup.cpl
2015-08-24 19:05 - 2015-08-24 19:05 - 00033567 _____ C:\Users\Tom\Downloads\State of Decay Year One Survival Edition.torrent
2015-08-24 19:05 - 2015-08-24 19:05 - 00033567 _____ C:\Users\Tom\Downloads\State of Decay Year One Survival Edition (1).torrent
2015-08-24 18:38 - 2015-08-17 23:43 - 00608048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-24 18:36 - 2015-08-24 18:36 - 00000000 ____D C:\temp
2015-08-24 18:22 - 2015-08-18 10:48 - 31515256 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 24200312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 22992048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 17559240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 15294072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 12896432 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-24 18:22 - 2015-08-18 10:48 - 11272048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 04245808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 03987760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 01908528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434181.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 01556656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434181.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 00945456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 00908592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 00903472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-24 18:22 - 2015-08-18 10:48 - 00870008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-24 17:52 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-24 17:52 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-24 17:50 - 2015-08-24 17:50 - 00033467 _____ C:\Users\Tom\Downloads\DxDiag.txt
2015-08-24 17:49 - 2015-08-24 17:49 - 00026478 _____ C:\Users\Tom\Documents\DxDiag.txt
2015-08-24 17:38 - 2015-08-24 17:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Steam
2015-08-24 15:44 - 2015-08-24 15:44 - 00015510 _____ C:\Users\Tom\Downloads\State of Decay Year One-CODEX-[rarbg.com].torrent
2015-08-24 14:09 - 2015-08-24 14:09 - 00040601 _____ C:\Users\Tom\Downloads\Assassins Creed Rogue-CODEX-[rarbg.com] (1).torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-18 18:12 - 2014-06-24 18:28 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-18 17:59 - 2009-07-14 06:45 - 00034368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-18 17:59 - 2009-07-14 06:45 - 00034368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-18 17:54 - 2014-08-22 20:33 - 00000000 ____D C:\ProgramData\Origin
2015-09-18 17:51 - 2014-08-15 23:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-18 17:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-18 17:03 - 2014-06-24 16:47 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-17 22:02 - 2014-08-23 22:09 - 00000000 ____D C:\Users\Tom\AppData\Local\Spotify
2015-09-17 22:02 - 2014-08-23 22:08 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Spotify
2015-09-17 20:59 - 2015-02-10 19:32 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-17 18:43 - 2014-07-07 19:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent
2015-09-17 18:43 - 2014-07-07 19:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-09-17 18:26 - 2014-08-07 21:25 - 00000000 ____D C:\Windows\system32\log
2015-09-17 15:52 - 2014-06-24 15:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-16 17:00 - 2014-06-24 15:03 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-16 16:07 - 2014-06-24 17:48 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
2015-09-16 07:22 - 2011-04-12 10:34 - 00668542 _____ C:\Windows\system32\perfh005.dat
2015-09-16 07:22 - 2011-04-12 10:34 - 00141202 _____ C:\Windows\system32\perfc005.dat
2015-09-16 07:22 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-15 06:52 - 2014-06-24 15:03 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 06:51 - 2014-06-24 15:03 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-13 19:17 - 2015-02-10 19:33 - 00000000 ____D C:\ProgramData\ProductData
2015-09-11 23:36 - 2014-06-24 15:03 - 00000000 ____D C:\Users\Tom\AppData\Local\Google
2015-09-11 21:45 - 2015-08-17 16:35 - 00000000 ____D C:\Users\Tom\Desktop\Nová složka
2015-09-09 17:12 - 2014-06-24 18:38 - 00000000 ____D C:\ProgramData\Ubisoft
2015-09-09 17:00 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-09 16:47 - 2014-06-24 17:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-09 16:47 - 2014-06-24 17:50 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-09-06 18:13 - 2014-08-19 16:26 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-09-06 15:16 - 2015-02-26 16:52 - 00000000 ____D C:\Program Files (x86)\THQ
2015-09-06 14:19 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 10:50 - 2014-06-26 14:02 - 00000000 ____D C:\The KMPlayer
2015-08-30 19:14 - 2014-06-27 15:58 - 00000000 ____D C:\Users\Tom\Desktop\hry
2015-08-27 17:14 - 2015-03-24 14:36 - 00000000 ____D C:\Users\Tom\Downloads\cod
2015-08-27 17:12 - 2014-06-29 16:12 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-08-27 17:10 - 2014-08-30 09:48 - 00000000 ____D C:\Program Files (x86)\2K Games
2015-08-27 17:04 - 2014-10-31 21:32 - 00000000 ____D C:\Users\Tom\Documents\EA Games
2015-08-27 17:02 - 2015-05-03 12:55 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Illusion Softworks
2015-08-27 16:22 - 2014-07-01 12:31 - 00000000 ____D C:\Program Files (x86)\Activision
2015-08-27 13:02 - 2015-01-06 14:04 - 00000000 ____D C:\Users\Tom\Downloads\Charlie Chaplin - The Great Dictator (1940)
2015-08-24 18:38 - 2014-08-15 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-24 18:38 - 2014-08-08 15:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-24 18:24 - 2014-08-15 23:07 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-24 17:52 - 2014-08-15 23:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-24 15:27 - 2014-07-26 08:53 - 00001201 _____ C:\Users\Tom\Desktop\Uplay.lnk
2015-08-24 15:14 - 2014-11-01 19:25 - 00000000 ____D C:\ProgramData\Solidshield
2015-08-24 15:13 - 2015-05-13 18:58 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-08-23 21:39 - 2009-07-14 07:08 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-05-18 01:44 - 2015-05-18 01:44 - 0007605 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2015-02-16 20:16 - 2015-02-16 20:16 - 0000112 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-13 07:41

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118310
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow performance + page redirects

#10 Post by Rudy »

We will handle this through FRST. Open Notepad and copy the following into it:
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-247765730-4293617776-642774430-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
CHR HomePage: Profile 2 -> hxxp://www.trovi.com/?gd=&ctid=CT332145 ... 4431&SSPV=
CHR Extension: (ijjfcepcgakkhodjinacolfaeimnedbg) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg [2015-07-15]
CHR Extension: (ijjfcepcgakkhodjinacolfaeimnedbg) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg [2015-07-15]
S3 esgiguard; no ImagePath
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
End
Save it to C:\Users\Tom\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Fanouš
Visitor
Posts: 109
Registered: 13 Aug 2006 10:51

Re: Slow performance + page redirects

#11 Post by Fanouš »

Thank you.
Time is tight ... I'll continue hopefully later today, or probably tomorrow.
Have a nice weekend

Re: Slow performance + page redirects

#12 Post by Rudy »

OK, have a nice weekend too. You're welcome! :)

Re: Slow performance + page redirects

#13 Post by Fanouš »

Continuation :-D

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Tom (2015-09-19 16:54:57) Run:1
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available Profiles: Tom)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-247765730-4293617776-642774430-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-247765730-4293617776-642774430-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
CHR HomePage: Profile 2 -> hxxp://www.trovi.com/?gd=&ctid=CT332145 ... 4431&SSPV=
CHR Extension: (ijjfcepcgakkhodjinacolfaeimnedbg) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg [2015-07-15]
CHR Extension: (ijjfcepcgakkhodjinacolfaeimnedbg) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg [2015-07-15]
S3 esgiguard; no ImagePath
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
End
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-247765730-4293617776-642774430-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully
HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
HKU\S-1-5-21-247765730-4293617776-642774430-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-247765730-4293617776-642774430-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0" => key removed successfully
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => key removed successfully
Chrome HomePage removed successfully
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg => moved successfully
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ijjfcepcgakkhodjinacolfaeimnedbg => moved successfully
esgiguard => service removed successfully
C:\Windows\logo1_.exe => moved successfully
C:\Windows\logo_1.exe => moved successfully
C:\Windows\RUNDL132.EXE => moved successfully
C:\Windows\rundll16.exe => moved successfully
C:\Windows\VDLL.DLL => moved successfully
C:\Windows\SysWOW64\runouce.exe => moved successfully

==== End of Fixlog 16:54:58 ====

Thank you
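A way to triage a Fixlog like the one in the post above, as an added example that is not part of the thread and is not FRST's own code: it skips the echoed fixlist, splits each result line into target and outcome, and lists the entries that neither succeeded nor were simply absent. The sample log is constructed (including the failing placeholder line and its wording), and the status labels `done`, `absent` and `review` are assumptions of this sketch.

```python
import re

# Constructed sample in the shape of the Fixlog above; the last result line is
# a made-up failure (placeholder path and wording) to exercise the review path.
SAMPLE_FIXLOG = r'''
Ran by Tom (2015-09-19 16:54:57) Run:1
fixlist content:
*****************
Start
C:\Windows\logo1_.exe
End
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
Chrome HomePage removed successfully
esgiguard => service removed successfully
C:\Windows\logo1_.exe => moved successfully
C:\Example\placeholder.dll => Could not move.
==== End of Fixlog 16:54:58 ====
'''

RESULT = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+?)\.?$')
BARE_OK = re.compile(r'^(?P<target>.+?)\s+(?P<outcome>\w+ successfully)$')

def parse_fixlog(text):
    """Return (target, outcome, status) for each result line of a Fixlog."""
    rows, in_echo = [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*****"):   # asterisk rows bracket the echoed fixlist
            in_echo = not in_echo
            continue
        if in_echo or not line or line.startswith("===="):
            continue
        m = RESULT.match(line) or BARE_OK.match(line)
        if not m:
            continue                   # header lines such as "Ran by ..."
        outcome = m["outcome"]
        if outcome.endswith("successfully"):
            status = "done"
        elif "not found" in outcome:
            status = "absent"          # nothing to remove, usually harmless
        else:
            status = "review"          # anything else needs a human look
        rows.append((m["target"], outcome, status))
    return rows

def needs_review(rows):
    """Targets whose outcome was neither a success nor 'not found'."""
    return [target for target, _, status in rows if status == "review"]
```
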

Re: Slow performance + page redirects

#14 Post by Rudy »

Deleted. Has anything changed?

Re: Slow performance + page redirects

#15 Post by Fanouš »

To be honest, I don't know. I'm not at the PC ... I'm dealing with the person in question remotely, by phone and e-mail.
Either I'll know the answer later today, or I'll drive over there tomorrow towards evening to have a look. )
Thank you for your help so far.
F.

Locked