
PC with Win 7 always shuts itself down after about 3 hours, virus?

#1 Post by solide »

Hi, I'd like to ask for help. I don't know what is going on, but my computer with Win 7 SK Home always starts shutting itself down after a longer stretch of work, about 3 hours in: it gradually closes all the windows and turns off. I scanned the whole system with NOD, it found something, which I removed and cleaned, but it still does it. I don't know whether it's a virus or what it is. I never open unknown attachments on principle, and I download cracked programs only very rarely, recently not at all. Can anyone advise what to do about it?
The LOG is attached:

Logfile of random's system information tool 1.09 (written by random/random)
Run by ideacentre at 2018-07-31 11:27:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 228 GB (51%) free of 451 GB
Total RAM: 8172 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:27:03, on 31. 7. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
F:\instalacky programov\JDownloader-2.0-DC-31.03.2016\JDownloader 2 24052016\JDownloader-2.0-DC-04.05.2016-Portable\JDownloader 2.0 DC 04.05.2016\JDownloader2.exe
C:\Program Files (x86)\Teacher\TEACHER.EXE
C:\Program Files (x86)\PC Translator\wtran32.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\ideacentre.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 0000000000
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [Bluetooth Manager] C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložiť - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložiť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Zobraziť panel nástrojov - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Nástrojová lišta RoboFormu - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16964 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000214;000000000000022C; /AddRef;
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
/QuitInfo:0000000000000480;0000000000000484; /AddRef;
/QuitInfo:000000000000031C;000000000000048C;
taskeng.exe {27FC29A7-A60E-4C21-8C24-C802457AC536}
/loadhooks /Parent:0000000000000BFC
"taskhost.exe"
"C:\Program Files\EasySync Solutions\EasySync CryptoMonitor\CryptoMonitor.exe" /StartMinimized
C:\windows\Explorer.EXE
"C:\windows\system32\Dwm.exe"
taskeng.exe {C676586F-7445-4C64-B293-223D2F0DC37A}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\windows\system32\IProsetMonitor.exe
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\jmesoft\hotkey.exe"
"C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe"
"C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe"
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1788
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/a ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\IDEACE~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{E88E80C3-CC7D-4562-A286-870169B0404B}
{1C27D80B-4E4B-4F7A-941E-CD59D53F2E45}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0deb --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6859 --gpu-driver-date=5-13-2011 --service-request-channel-token=C059F7D6B761AAB7CDB78C586E49E4D3 --mojo-platform-channel-handle=1328 /prefetch:2
"C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=FA2E99C1A84BC708499D976C07FE61CD --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --context-id=2 --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=FA2E99C1A84BC708499D976C07FE61CD --renderer-client-id=4 --mojo-platform-channel-handle=1760 /prefetch:1
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=4A692156933ED392818ABE9A837B8824 --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=true --webview-tag=true --no-sandbox --context-id=2 --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=4A692156933ED392818ABE9A837B8824 --renderer-client-id=6 --mojo-platform-channel-handle=2104 /prefetch:1
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3260c110-3ae3-4570-82ac-d09d52aed832 -SystemEventPortName:HostProcess-31525513-5498-46e0-a2b8-15bcea1ca663 -IoCancelEventPortName:HostProcess-6d7b1f39-1dba-4239-867c-f151608ce640 -NonStateChangingEventPortName:HostProcess-c1e9a212-31bf-47b6-8a6d-eba58e2475c0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b2b24f24-1f17-4e80-9646-cb1387a4ca6b -DeviceGroupId:
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e2542a9f-969f-4647-b4ec-f82987d5257f -SystemEventPortName:HostProcess-8e49b66e-cab0-4a92-909a-839cc61f5364 -IoCancelEventPortName:HostProcess-c71fbd73-bd8b-4da0-be4b-ada3f9bf0400 -NonStateChangingEventPortName:HostProcess-43e68d09-3ead-49f2-a66a-7a2f738957a3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0a4b6a6f-ffbf-4824-86e5-3afba63cfcaa -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "H:\sd karta\Nový priečinok\poziarne\Quintal\vydane faktury\vydane faktury 2016\zalohove 2016\ceske zalohove 2016\zalohova Cejc 20161108 ukony cz banka.rtf"
C:\windows\splwow64.exe 8192
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.75 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fee0d734d0,0x7fee0d734e0,0x7fee0d734f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9520 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=793F835972B9275337137E5968775EDB --mojo-platform-channel-handle=1120 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=D57D3621C5FBEB0A0357AD5779C11377 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D57D3621C5FBEB0A0357AD5779C11377 --renderer-client-id=12 --mojo-platform-channel-handle=1904 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=1A15EE66E6A441F5334A152E9D9743B8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1A15EE66E6A441F5334A152E9D9743B8 --renderer-client-id=3 --mojo-platform-channel-handle=2348 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=69D75E0F463B27DBDBC196B5B887C1D4 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=69D75E0F463B27DBDBC196B5B887C1D4 --renderer-client-id=4 --mojo-platform-channel-handle=2696 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=14AE0108541C37A9AD0CE6AB934D5E0C --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14AE0108541C37A9AD0CE6AB934D5E0C --renderer-client-id=5 --mojo-platform-channel-handle=2808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=5FEFBD8BDC35FC3F101AE4FCAE57D246 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5FEFBD8BDC35FC3F101AE4FCAE57D246 --renderer-client-id=7 --mojo-platform-channel-handle=2968 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=8A933DCECA3E4694D4F3CDFA7281D4A7 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8A933DCECA3E4694D4F3CDFA7281D4A7 --renderer-client-id=8 --mojo-platform-channel-handle=3092 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=7518E8806B954174E8182701EC8818C7 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7518E8806B954174E8182701EC8818C7 --renderer-client-id=9 --mojo-platform-channel-handle=3192 /prefetch:1
C:\windows\system32\cmd.exe /d /c "C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.ed86844927e3fc1e > \\.\pipe\chrome.nativeMessaging.out.ed86844927e3fc1e
\??\C:\windows\system32\conhost.exe "542951882-1659866595133192414403651754-13763663951297956542-13072549211194632739
"C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=82DA805FAA96AFFF6D8FE1AED23BC923 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=82DA805FAA96AFFF6D8FE1AED23BC923 --renderer-client-id=21 --mojo-platform-channel-handle=4124 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=3DB47CA4023A5417816F7CA92E111CED --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3DB47CA4023A5417816F7CA92E111CED --renderer-client-id=24 --mojo-platform-channel-handle=6080 /prefetch:1
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:202064 /prefetch:2
"F:\instalacky programov\JDownloader-2.0-DC-31.03.2016\JDownloader 2 24052016\JDownloader-2.0-DC-04.05.2016-Portable\JDownloader 2.0 DC 04.05.2016\JDownloader2.exe" -afterupdate
"C:\windows\system32\notepad.exe"
"C:\windows\system32\calc.exe"
"C:\windows\system32\NOTEPAD.EXE" H:\sd karta\Nový priečinok\poziarne\pokecy\vsetky\pokec 2.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=71CAB7632D86376C958E83E322CF0AF4 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=71CAB7632D86376C958E83E322CF0AF4 --renderer-client-id=33 --mojo-platform-channel-handle=2100 /prefetch:1
"C:\Program Files (x86)\Teacher\TEACHER.EXE"
"C:\Program Files (x86)\PC Translator\wtran32.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1112,4975660565048141432,1116377697861684317,131072 --service-pipe-token=603266DC9036B14100DA4DA78630B4B4 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=603266DC9036B14100DA4DA78630B4B4 --renderer-client-id=36 --mojo-platform-channel-handle=1668 /prefetch:1
"C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /Embedding
taskeng.exe {677CA696-A11A-4F70-AC07-52ED83392E48}
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4082759503-1401401991-2524271345-100148_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4082759503-1401401991-2524271345-100148 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:4068847 /prefetch:2
"C:\Users\ideacentre\Desktop\RSITx64.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe49_ Global\UsGthrCtrlFltPipeMssGthrPipe49 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskMachineCore.job
C:\windows\tasks\DropboxUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13 9498616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13 6101504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13 9498616]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13 6101504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01 193136]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-18 11775592]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 519504]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2015-07-23 4150472]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-05-25 107000]
""= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]
"Google Update"=C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [2018-05-22 601680]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]
"AdobeBridge"= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-06-26 49654728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1105328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleIEDAV]
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [2018-06-26 68408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2018-06-26 67896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Daemon for Mouse Suite]
C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [2013-03-26 87040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eID_klient]
C:\Program Files (x86)\eID klient\eID_klient.exe [2017-04-11 6357560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoPro Tray App]
C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [2016-11-14 866224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-06-26 110392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-06-20 2131856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo Dynamic Brightness System]
C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [2011-02-25 287232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo EE Boot Optimizer]
C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-12-24 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo Eye Distance System]
C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [2010-09-09 265216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductUpdater]
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2016-02-10 73216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultSCR]
C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe [2009-12-31 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SideSync]
C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2018-03-07 12476064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMCMonitor]
C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe [2009-11-10 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-09-20 7801088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePRCShortCut]
C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Network PC Fax.lnk]
C:\Windows\System32\spool\drivers\x64\3\NETFAX~2.EXE [2013-02-05 380976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\PROGRA~1\SRSLAB~1\SRSCON~1\SRSPAN~1.EXE [2011-06-15 2091864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\Program Files (x86)\jmesoft\hotkey.exe [2009-08-25 225280]
"Bluetooth Manager"=C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe [2010-07-17 552448]
""= []
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"wave8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.tscc"=C:\windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-31 11:27:00 ----D---- C:\rsit
2018-07-30 09:01:47 ----D---- C:\Program Files\iPod
2018-07-30 09:00:50 ----D---- C:\Program Files\iTunes
2018-07-30 08:38:29 ----D---- C:\Program Files (x86)\Microsoft
2018-07-24 12:58:32 ----D---- C:\Program Files\Common Files\Adobe
2018-07-24 12:34:33 ----D---- C:\Program Files\Common Files\AV
2018-07-24 11:22:16 ----D---- C:\ProgramData\ESET
2018-07-24 11:22:16 ----D---- C:\Program Files\ESET
2018-07-24 11:18:27 ----D---- C:\install
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-stable.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-dev.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-canary.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\DbxSvc.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\invagent.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\generaltel.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\devinv.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\CompatTelRunner.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\centel.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\appraiser.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\aitstatic.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\aepic.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\aeinv.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\acmigration.dll
2018-07-12 19:03:24 ----A---- C:\windows\system32\mshtml.dll
2018-07-12 19:03:23 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-07-12 19:03:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-07-12 19:03:22 ----A---- C:\windows\system32\ieframe.dll
2018-07-12 19:03:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-07-12 19:03:21 ----A---- C:\windows\system32\shell32.dll
2018-07-12 19:03:21 ----A---- C:\windows\system32\jscript9.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\shell32.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\win32k.sys
2018-07-12 19:03:20 ----A---- C:\windows\system32\vbscript.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\urlmon.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\ucrtbase.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\ExplorerFrame.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\drivers\tcpip.sys
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\wkssvc.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\iertutil.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\drivers\dfsc.sys
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\zipfldr.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\ntdll.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\zipfldr.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\ntdll.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\iedkcs32.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\drivers\usbport.sys
2018-07-12 19:03:18 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2018-07-12 19:03:18 ----A---- C:\windows\system32\dnsrslvr.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\dnsapi.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\dnscacheugc.exe
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\wininet.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\ntoskrnl.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\hal.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\netio.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\mpsdrv.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\ksecdd.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\dnscacheugc.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\ole32.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\msrating.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\certcli.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\webcheck.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\schannel.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\rstrui.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\rpcrt4.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ole32.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\msrating.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\mshtmlmedia.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\msfeeds.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\lsasrv.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\inseng.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ieui.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\iesetup.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ie4uinit.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\dxtrans.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\dxtmsft.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\drivers\usbhub.sys
2018-07-12 19:03:16 ----A---- C:\windows\system32\drivers\usbccgp.sys
2018-07-12 19:03:16 ----A---- C:\windows\system32\conhost.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\certcli.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\advapi32.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\wdigest.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\sspicli.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\schannel.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\setup16.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\occache.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\kernel32.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\kerberos.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\inseng.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\iesetup.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\iernonce.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\auditpol.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\appidapi.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\advapi32.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\wow64win.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\winsrv.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\wdigest.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\TSpkg.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\sspicli.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\srcore.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\smss.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\rpchttp.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\rpcss.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\occache.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ntvdm64.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ncrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\msv1_0.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\mshtmled.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\MshtmlDac.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\KernelBase.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\kernel32.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\kerberos.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\jsproxy.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\jscript9diag.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieUnatt.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\iernonce.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieetwproxystub.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieetwcollector.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\videoprt.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\csrsrv.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\bcrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\auditpol.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\appidsvc.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\appidapi.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\wow32.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\wfapigp.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\user.exe
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\oleres.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\msobjs.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\msaudite.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\instnm.exe
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\FirewallAPI.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\credssp.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\comcat.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\adtschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wow64cpu.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wow64.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wfapigp.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\sspisrv.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\srclient.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\setbcdlocale.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\secur32.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\oleres.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\msobjs.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\msaudite.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\MPSSVC.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\lsass.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\jscript.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\ieetwcollectorres.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\ieapfltr.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\icfupgd.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\FirewallAPI.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbuhci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbohci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbehci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbd.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\appid.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\cryptbase.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\credssp.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\comcat.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\appidpolicyconverter.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\appidcertstorecheck.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\apisetschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\adtschema.dll

======List of files/folders modified in the last 1 month======

2018-07-31 11:27:02 ----D---- C:\Program Files\trend micro
2018-07-31 11:27:01 ----D---- C:\windows\Temp
2018-07-31 10:25:47 ----D---- C:\windows\system32\config
2018-07-31 10:04:11 ----D---- C:\windows\inf
2018-07-31 10:04:11 ----AD---- C:\windows\System32
2018-07-31 10:04:11 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-07-31 10:02:15 ----A---- C:\windows\SYSWOW64\log.txt
2018-07-31 09:58:08 ----D---- C:\Program Files (x86)\TeamViewer
2018-07-31 09:57:55 ----D---- C:\ProgramData\NVIDIA
2018-07-30 18:45:22 ----D---- C:\windows\system32\catroot
2018-07-30 16:44:38 ----D---- C:\Config.Msi
2018-07-30 10:40:34 ----D---- C:\windows\system32\NDF
2018-07-30 09:02:12 ----SHD---- C:\windows\Installer
2018-07-30 09:01:47 ----RD---- C:\Program Files
2018-07-30 09:01:07 ----SHD---- C:\System Volume Information
2018-07-30 08:38:45 ----SD---- C:\Users\ideacentre\AppData\Roaming\Microsoft
2018-07-30 08:38:29 ----RD---- C:\Program Files (x86)
2018-07-30 08:38:28 ----RD---- C:\Program Files (x86)\Skype
2018-07-30 08:38:28 ----D---- C:\ProgramData\Skype
2018-07-30 08:38:28 ----D---- C:\Program Files (x86)\Common Files
2018-07-30 08:35:23 ----D---- C:\Users\ideacentre\AppData\Roaming\Skype
2018-07-25 17:41:30 ----D---- C:\windows\system32\catroot2
2018-07-25 14:19:09 ----D---- C:\Users\ideacentre\AppData\Roaming\MyPhoneExplorer
2018-07-25 08:33:31 ----D---- C:\windows\system32\Tasks
2018-07-25 08:04:35 ----D---- C:\Program Files (x86)\Adobe
2018-07-25 08:02:10 ----D---- C:\Program Files\Adobe
2018-07-24 13:03:55 ----RSD---- C:\windows\Fonts
2018-07-24 13:03:09 ----D---- C:\windows\SysWOW64
2018-07-24 13:03:09 ----D---- C:\Users\ideacentre\AppData\Roaming\Adobe
2018-07-24 13:03:09 ----D---- C:\ProgramData\Adobe
2018-07-24 12:58:32 ----D---- C:\Program Files\Common Files
2018-07-24 11:55:23 ----D---- C:\Program Files (x86)\AppCleaner
2018-07-24 11:53:18 ----HD---- C:\ProgramData
2018-07-24 11:52:23 ----D---- C:\windows\system32\drivers
2018-07-24 11:50:32 ----D---- C:\windows\Tasks
2018-07-24 11:31:09 ----D---- C:\windows\system32\DriverStore
2018-07-24 08:36:54 ----D---- C:\windows\Microsoft.NET
2018-07-23 10:12:41 ----RSD---- C:\windows\assembly
2018-07-23 09:32:20 ----D---- C:\windows\winsxs
2018-07-23 09:28:26 ----D---- C:\windows\system32\appraiser
2018-07-23 09:28:17 ----D---- C:\Program Files\Internet Explorer
2018-07-23 09:28:17 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-23 09:28:16 ----D---- C:\windows\SYSWOW64\sk-SK
2018-07-23 09:28:16 ----D---- C:\windows\SYSWOW64\en-US
2018-07-23 09:28:13 ----D---- C:\windows\system32\sk-SK
2018-07-23 09:28:13 ----D---- C:\windows\system32\en-US
2018-07-23 09:28:13 ----D---- C:\windows\system32\drivers\en-US
2018-07-23 09:28:09 ----D---- C:\windows\AppPatch
2018-07-23 09:28:08 ----D---- C:\windows\system32\Boot
2018-07-17 00:02:20 ----N---- C:\windows\system32\MpSigStub.exe
2018-07-16 08:48:30 ----D---- C:\ProgramData\Microsoft Help
2018-07-16 08:16:36 ----D---- C:\Program Files (x86)\Dropbox
2018-07-16 08:13:31 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2018-07-16 08:13:25 ----D---- C:\windows\system32\Macromed
2018-07-16 08:13:22 ----D---- C:\windows\SYSWOW64\Macromed
2018-07-12 19:09:52 ----D---- C:\windows\system32\MRT
2018-07-12 19:01:55 ----AC---- C:\windows\system32\MRT.exe
2018-07-03 15:19:15 ----D---- C:\Users\ideacentre\AppData\Roaming\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EMSC;COMPAL Embedded System Control; C:\windows\system32\DRIVERS\EMSC.SYS [2009-06-27 16752]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-12-24 57952]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2014-03-12 116000]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 pwdrvio;pwdrvio; C:\windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 snapman;Acronis Snapshots Manager; C:\windows\system32\DRIVERS\snapman.sys [2014-03-12 269600]
R0 tib;Acronis TIB Manager; C:\windows\system32\DRIVERS\tib.sys [2014-03-12 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\windows\system32\DRIVERS\tib_mounter.sys [2014-03-12 183224]
R0 vididr;Acronis Virtual Disk; C:\windows\system32\DRIVERS\vididr.sys [2014-03-12 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\windows\system32\DRIVERS\vidsflt.sys [2014-03-12 117024]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-12-24 13408]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 245952]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 179544]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-07-14 170768]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2011-02-11 35344]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2013-04-18 11576]
R3 afcdp;afcdp; C:\windows\system32\DRIVERS\afcdp.sys [2014-03-12 367200]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service; C:\windows\system32\DRIVERS\AVerPola.sys [2010-06-22 504064]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2014-07-18 599288]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-20 316080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-01-19 2719336]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
R3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
R3 VMC412;Vimicro Camera Service VMC412; C:\windows\System32\Drivers\VMC412.sys [2010-08-18 239872]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2011-01-20 89128]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 epmntdrv;epmntdrv; \??\C:\windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2017-08-24 129456]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2016-10-04 88752]
S3 fwlanusb6_860;AVM FRITZ!WLAN AC 860; C:\windows\system32\DRIVERS\fwlanusb6_860.sys [2015-07-20 2274336]
S3 GemCCID;GemCCID; C:\windows\system32\DRIVERS\GemCCID.sys [2014-11-10 130944]
S3 ggflt;SOMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-10-01 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsomc.sys [2014-10-01 30424]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-06-29 192216]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\windows\system32\DRIVERS\netaapl64.sys [2014-06-10 23040]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-09-16 1101928]
S3 ss_conn_usb_driver;SAMSUNG Mobile USB Connectivity Device Driver; C:\windows\System32\Drivers\ss_conn_usb_driver.sys [2017-01-16 43648]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\windows\system32\DRIVERS\tdrpman.sys [2014-03-12 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144688]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-03-12 3869688]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-07-05 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-07-17 1008384]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2018-07-13 51392]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2015-10-29 382312]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2015-07-27 1042064]
R2 GoProDeviceDetectionService;GoPro Device Detection Service; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [2016-11-14 37808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\windows\system32\IProsetMonitor.exe [2010-09-22 165032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-05-13 1006696]
R2 PelService;Session Launcher Service; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2012-03-13 178688]
R2 Samsung Network Fax Server;Samsung Network Fax Server; C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [2013-02-05 506928]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-13 378472]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-09-02 9742080]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-04-03 11293936]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-07-06 674104]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03 143144]
S2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2016-02-10 9216]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-16 335872]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03 143144]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2015-07-08 44744]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2015-07-08 192200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-17 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-01-20 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: PC with Win 7 always shuts down after about 3 hours, vi

#2 Post by solide »

And here is the second log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014 (ATTENTION: ====> FRST version is 1561 days old and could be outdated)
Ran by ideacentre (administrator) on IDEACENTRE-PC on 31-07-2018 11:33:44
Running from C:\Users\ideacentre\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(EasySync Solutions) C:\Program Files\EasySync Solutions\EasySync CryptoMonitor\CryptoMonitor.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\windows\system32\IProsetMonitor.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
() C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
(Samsung Electronics Co., Ltd.) C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\windows\system32\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AppWork GmbH) F:\instalacky programov\JDownloader-2.0-DC-31.03.2016\JDownloader 2 24052016\JDownloader-2.0-DC-04.05.2016-Portable\JDownloader 2.0 DC 04.05.2016\JDownloader2.exe
(Microsoft Corporation) C:\windows\system32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Teacher\TEACHER.EXE
() C:\Program Files (x86)\PC Translator\wtran32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519504 2013-08-21] (Acronis)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4150472 2015-07-23] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [225280 2009-08-25] (JME)
HKLM-x32\...\Run: [Bluetooth Manager] => C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe [552448 2010-07-17] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2015-05-25] (Siber Systems)
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [] => [X]
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [Google Update] => C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-22] (Google Inc.)
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49654728 2018-06-26] (Skype Technologies S.A.)
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4082759503-1401401991-2524271345-1001\...\MountPoints2: {ab7241e1-f264-11e4-8b58-e4d53de0aa9f} - H:\Startme.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0x628722ED6B0FD301
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 0000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 0000000000
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {E7EFF62D-7BE3-4B9D-882C-651DF0A1C708} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_27368
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No File
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
Handler-x32: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ideacentre\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ideacentre\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ideacentre\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ideacentre\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: WebTran - C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi [2014-02-05]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com\
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: Roboform Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-05-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2018-07-24]

Chrome:
=======
CHR Extension: (Docs) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-11]
CHR Extension: (Google Drive) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-11]
CHR Extension: (YouTube) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-11]
CHR Extension: (Adblock Plus) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-17]
CHR Extension: (uBlock Origin) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-08-09]
CHR Extension: (Google Search) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-11]
CHR Extension: (Notifier for Gmail™) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2017-01-10]
CHR Extension: (iCloud Bookmarks) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-08-09]
CHR Extension: (Google Docs Offline) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (No Name) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-06-07]
CHR Extension: (my-AGP-static-filters_{{datetime}}.txt) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdikhbipablckcgmdcabdgjbjeekgiij [2017-08-09]
CHR Extension: (Web Page Photo) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedlbjjchkdhddjjifhocllkoejhjcai [2017-08-09]
CHR Extension: (RoboForm Lite Password Manager) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj [2014-05-06]
CHR Extension: (my-AGP-static-filters_{{datetime}}.txt) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\licmbhljclllpopoepjdfinknpmpbhep [2017-08-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR Extension: (Stop Ads for Facebook™) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\odfahokplafhlibeoafadgpbfdipodpp [2017-08-09]
CHR Extension: (Gmail) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-11]
CHR Extension: (Chrome Media Router) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-03]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2018-07-16]

==================== Services (Whitelisted) =================

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51392 2018-07-13] (Dropbox, Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1386496 2016-08-22] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [44744 2015-07-08] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1042064 2015-07-27] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [192200 2015-07-08] (ESET)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-02-10] (Ellora Assets Corp.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-11-14] ()
R2 Intel(R) PROSet Monitoring Service; C:\windows\SysWOW64\IProsetMonitor.exe [0 2014-02-07] ()
R2 NVSvc; C:\Windows\SysWOW64\nvvsvc.exe [0 2014-02-07] ()
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [178688 2012-03-13] ()
R2 Samsung Network Fax Server; C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [506928 2013-02-05] (Samsung Electronics Co., Ltd.)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2014-02-07] ()
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

R3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [504064 2010-06-22] (AVerMedia TECHNOLOGIES, Inc.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89128 2011-01-20] (Broadcom Corporation.)
R3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [245952 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [179544 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170768 2015-07-14] (ESET)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [129456 2017-08-24] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [88752 2016-10-04] ()
S3 fwlanusb6_860; C:\Windows\System32\DRIVERS\fwlanusb6_860.sys [2274336 2015-07-20] (AVM GmbH)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-10-01] (Sony Mobile Communications)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-29] (Malwarebytes)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics Co., Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-03-12] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-03-12] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-03-12] (Acronis International GmbH)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [239872 2010-08-18] (Vimicro Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2018-07-31 11:33 - 2018-07-31 11:33 - 00029244 _____ () C:\Users\ideacentre\Desktop\FRST.txt
2018-07-31 11:27 - 2018-07-31 11:27 - 00000000 ____D () C:\rsit
2018-07-30 09:01 - 2018-07-30 09:01 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2018-07-30 09:01 - 2018-07-30 09:01 - 00000000 ____D () C:\Program Files\iPod
2018-07-30 09:00 - 2018-07-30 09:01 - 00000000 ____D () C:\Program Files\iTunes
2018-07-30 08:38 - 2018-07-30 08:38 - 00001310 _____ () C:\Users\Public\Desktop\Skype.lnk
2018-07-25 08:33 - 2018-07-25 08:33 - 00003478 _____ () C:\windows\System32\Tasks\AdobeGCInvoker-1.0-ideacentre-PC-ideacentre
2018-07-25 07:56 - 2018-07-25 07:56 - 00001522 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2018-07-24 13:28 - 2018-07-24 13:28 - 00001211 _____ () C:\Users\ideacentre\Desktop\Adobe Photoshop CS6.lnk
2018-07-24 13:06 - 2018-07-24 13:06 - 00003522 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-ideacentre-PC-ideacentre
2018-07-24 12:58 - 2018-07-25 08:07 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2018-07-24 12:34 - 2018-07-24 12:34 - 00000000 ____D () C:\Program Files\Common Files\AV
2018-07-24 11:22 - 2018-07-24 11:22 - 00000000 ____D () C:\ProgramData\ESET
2018-07-24 11:22 - 2018-07-24 11:22 - 00000000 ____D () C:\Program Files\ESET
2018-07-24 11:18 - 2018-07-24 13:45 - 00000000 ____D () C:\install
2018-07-17 13:53 - 2018-07-17 13:53 - 00000000 ____D () C:\Users\ideacentre\AppData\Local\SanDiskSecureAccessV2_win
2018-07-13 04:01 - 2018-07-13 04:01 - 00051392 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2018-07-13 04:01 - 2018-07-13 04:01 - 00050232 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2018-07-13 04:01 - 2018-07-13 04:01 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2018-07-13 04:01 - 2018-07-13 04:01 - 00045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2018-07-12 19:03 - 2018-06-21 02:58 - 00398376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-07-12 19:03 - 2018-06-21 02:00 - 00348824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-07-12 19:03 - 2018-06-16 19:07 - 25743872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-07-12 19:03 - 2018-06-16 18:46 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-07-12 19:03 - 2018-06-16 18:46 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-07-12 19:03 - 2018-06-16 18:36 - 20286464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-07-12 19:03 - 2018-06-16 18:33 - 02902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-07-12 19:03 - 2018-06-16 18:32 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-07-12 19:03 - 2018-06-16 18:31 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-07-12 19:03 - 2018-06-16 18:31 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-07-12 19:03 - 2018-06-16 18:31 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-07-12 19:03 - 2018-06-16 18:30 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-07-12 19:03 - 2018-06-16 18:27 - 05779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-07-12 19:03 - 2018-06-16 18:24 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-07-12 19:03 - 2018-06-16 18:23 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-07-12 19:03 - 2018-06-16 18:20 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-07-12 19:03 - 2018-06-16 18:19 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-07-12 19:03 - 2018-06-16 18:19 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-07-12 19:03 - 2018-06-16 18:19 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-07-12 19:03 - 2018-06-16 18:19 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-07-12 19:03 - 2018-06-16 18:19 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-07-12 19:03 - 2018-06-16 18:12 - 00969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-12 19:03 - 2018-06-16 18:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-07-12 19:03 - 2018-06-16 18:06 - 00498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-07-12 19:03 - 2018-06-16 18:06 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-07-12 19:03 - 2018-06-16 18:05 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-07-12 19:03 - 2018-06-16 18:05 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-07-12 19:03 - 2018-06-16 18:04 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-07-12 19:03 - 2018-06-16 18:02 - 02295296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-07-12 19:03 - 2018-06-16 18:02 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-07-12 19:03 - 2018-06-16 18:02 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-12 19:03 - 2018-06-16 18:01 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-07-12 19:03 - 2018-06-16 17:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-07-12 19:03 - 2018-06-16 17:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-07-12 19:03 - 2018-06-16 17:58 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-07-12 19:03 - 2018-06-16 17:57 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-07-12 19:03 - 2018-06-16 17:57 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-07-12 19:03 - 2018-06-16 17:56 - 00662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-07-12 19:03 - 2018-06-16 17:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-07-12 19:03 - 2018-06-16 17:55 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-07-12 19:03 - 2018-06-16 17:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-07-12 19:03 - 2018-06-16 17:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-07-12 19:03 - 2018-06-16 17:47 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-07-12 19:03 - 2018-06-16 17:46 - 15283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-07-12 19:03 - 2018-06-16 17:44 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-07-12 19:03 - 2018-06-16 17:42 - 00809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-07-12 19:03 - 2018-06-16 17:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-07-12 19:03 - 2018-06-16 17:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-07-12 19:03 - 2018-06-16 17:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-12 19:03 - 2018-06-16 17:41 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-07-12 19:03 - 2018-06-16 17:40 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-07-12 19:03 - 2018-06-16 17:39 - 02135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-07-12 19:03 - 2018-06-16 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-07-12 19:03 - 2018-06-16 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-07-12 19:03 - 2018-06-16 17:37 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-07-12 19:03 - 2018-06-16 17:36 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-07-12 19:03 - 2018-06-16 17:34 - 04496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-07-12 19:03 - 2018-06-16 17:32 - 13680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-07-12 19:03 - 2018-06-16 17:30 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-07-12 19:03 - 2018-06-16 17:29 - 00696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-07-12 19:03 - 2018-06-16 17:28 - 02060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-07-12 19:03 - 2018-06-16 17:27 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-07-12 19:03 - 2018-06-16 17:27 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-07-12 19:03 - 2018-06-16 17:16 - 01545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-07-12 19:03 - 2018-06-16 17:08 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-07-12 19:03 - 2018-06-16 17:05 - 01313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-07-12 19:03 - 2018-06-16 17:04 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-07-12 19:03 - 2018-06-16 17:04 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-07-12 19:03 - 2018-06-13 18:23 - 00140992 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-07-12 19:03 - 2018-06-13 18:20 - 14185984 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-07-12 19:03 - 2018-06-13 18:19 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-07-12 19:03 - 2018-06-13 18:18 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-07-12 19:03 - 2018-06-13 17:55 - 12880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-07-12 19:03 - 2018-06-13 17:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-07-12 19:03 - 2018-06-13 17:40 - 03226112 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-07-12 19:03 - 2018-06-08 18:27 - 05577408 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-07-12 19:03 - 2018-06-08 18:27 - 00708288 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-07-12 19:03 - 2018-06-08 18:27 - 00262336 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-07-12 19:03 - 2018-06-08 18:27 - 00154816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-07-12 19:03 - 2018-06-08 18:27 - 00095424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-07-12 19:03 - 2018-06-08 18:23 - 00631640 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-07-12 19:03 - 2018-06-08 18:22 - 01665344 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-07-12 19:03 - 2018-06-08 18:21 - 00369664 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2018-07-12 19:03 - 2018-06-08 18:21 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-07-12 19:03 - 2018-06-08 18:21 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-07-12 19:03 - 2018-06-08 18:21 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-07-12 19:03 - 2018-06-08 18:21 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-07-12 19:03 - 2018-06-08 18:21 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 02066432 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 01211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2018-07-12 19:03 - 2018-06-08 18:20 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-07-12 19:03 - 2018-06-08 18:19 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2018-07-12 19:03 - 2018-06-08 18:19 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2018-07-12 19:03 - 2018-06-08 18:19 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-07-12 19:03 - 2018-06-08 18:19 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-07-12 19:03 - 2018-06-08 18:19 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-07-12 19:03 - 2018-06-08 18:19 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:18 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 18:02 - 04050624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-07-12 19:03 - 2018-06-08 18:02 - 03962048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-07-12 19:03 - 2018-06-08 17:57 - 01314072 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 01417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-07-12 19:03 - 2018-06-08 17:55 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:44 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-07-12 19:03 - 2018-06-08 17:44 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-07-12 19:03 - 2018-06-08 17:44 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe
2018-07-12 19:03 - 2018-06-08 17:44 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-07-12 19:03 - 2018-06-08 17:43 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-07-12 19:03 - 2018-06-08 17:39 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-07-12 19:03 - 2018-06-08 17:38 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-07-12 19:03 - 2018-06-08 17:38 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-07-12 19:03 - 2018-06-08 17:34 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-07-12 19:03 - 2018-06-08 17:34 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-07-12 19:03 - 2018-06-08 17:34 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-07-12 19:03 - 2018-06-08 17:33 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-07-12 19:03 - 2018-06-08 17:33 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-07-12 19:03 - 2018-06-08 17:29 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2018-07-12 19:03 - 2018-06-08 17:28 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe
2018-07-12 19:03 - 2018-06-08 17:27 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-07-12 19:03 - 2018-06-08 17:21 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-07-12 19:03 - 2018-06-08 17:21 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-07-12 19:03 - 2018-06-08 17:21 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-07-12 19:03 - 2018-06-08 17:21 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-07-12 19:03 - 2018-06-08 17:19 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-07-12 19:03 - 2018-06-08 17:19 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:19 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:19 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 17:19 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 02860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-07-12 19:03 - 2018-06-08 15:05 - 01602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 00612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 00470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 00443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 00301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-07-12 19:03 - 2018-06-08 15:05 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-07-12 19:03 - 2018-06-07 18:20 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-07-12 19:03 - 2018-06-07 18:19 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-07-12 19:03 - 2018-06-07 18:19 - 00749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-07-12 19:03 - 2018-06-07 18:19 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-07-12 19:03 - 2018-06-07 17:57 - 00463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-07-12 19:03 - 2018-06-07 17:49 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-07-12 19:03 - 2018-06-07 17:34 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll
2018-07-12 19:03 - 2018-05-31 18:28 - 01893568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-07-12 19:03 - 2018-05-31 18:28 - 00377024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-07-12 19:03 - 2018-05-31 18:28 - 00287936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-07-12 19:03 - 2018-05-02 17:32 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2018-07-12 19:03 - 2018-05-02 17:32 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2018-07-12 19:03 - 2018-05-02 17:32 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2018-07-12 19:03 - 2018-05-02 17:32 - 00056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2018-07-12 19:03 - 2018-05-02 17:32 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2018-07-12 19:03 - 2018-05-02 17:32 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2018-07-12 19:03 - 2018-05-02 17:32 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2018-07-12 19:03 - 2018-04-26 15:05 - 00998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03 - 2018-04-26 15:05 - 00011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03 - 2018-04-25 18:02 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
2018-07-12 19:03 - 2018-04-25 17:18 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys

==================== One Month Modified Files and Folders =======

2018-07-31 11:34 - 2018-07-31 11:33 - 00029244 _____ () C:\Users\ideacentre\Desktop\FRST.txt
2018-07-31 11:33 - 2014-04-23 12:13 - 00000000 ____D () C:\FRST
2018-07-31 11:31 - 2014-01-20 17:09 - 00000000 ____D () C:\Users\ideacentre\Documents\Súbory programu Outlook
2018-07-31 11:27 - 2018-07-31 11:27 - 00000000 ____D () C:\rsit
2018-07-31 11:27 - 2014-02-10 12:29 - 00000000 ____D () C:\Program Files\trend micro
2018-07-31 10:55 - 2016-08-03 10:23 - 00000916 _____ () C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-07-31 10:29 - 2009-07-14 06:45 - 00020688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-31 10:29 - 2009-07-14 06:45 - 00020688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-31 10:15 - 2011-12-24 00:18 - 01248002 _____ () C:\windows\WindowsUpdate.log
2018-07-31 10:10 - 2014-01-21 13:14 - 00000000 ____D () C:\Users\ideacentre\AppData\Local\Adobe
2018-07-31 10:04 - 2009-07-14 07:13 - 00006470 _____ () C:\windows\system32\PerfStringBackup.INI
2018-07-31 10:01 - 2018-05-16 14:19 - 00021625 _____ () C:\windows\setupact.log
2018-07-31 09:58 - 2014-01-17 16:39 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2018-07-31 09:57 - 2011-12-24 00:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2018-07-31 09:56 - 2016-08-03 10:23 - 00000912 _____ () C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-07-31 09:56 - 2011-12-24 01:17 - 00209424 _____ () C:\windows\system32\fastboot.set
2018-07-31 09:56 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2018-07-31 09:55 - 2018-05-16 14:40 - 00012054 _____ () C:\windows\PFRO.log
2018-07-30 10:40 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2018-07-30 09:01 - 2018-07-30 09:01 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2018-07-30 09:01 - 2018-07-30 09:01 - 00000000 ____D () C:\Program Files\iPod
2018-07-30 09:01 - 2018-07-30 09:00 - 00000000 ____D () C:\Program Files\iTunes
2018-07-30 08:38 - 2018-07-30 08:38 - 00001310 _____ () C:\Users\Public\Desktop\Skype.lnk
2018-07-30 08:38 - 2017-06-19 11:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2018-07-30 08:38 - 2014-01-20 19:16 - 00000000 ____D () C:\ProgramData\Skype
2018-07-30 08:35 - 2014-01-20 19:16 - 00000000 ____D () C:\Users\ideacentre\AppData\Roaming\Skype
2018-07-25 17:03 - 2014-02-06 15:34 - 00000121 _____ () C:\Users\Public\LMDebug.log
2018-07-25 14:19 - 2014-01-21 14:51 - 00000000 ____D () C:\Users\ideacentre\AppData\Roaming\MyPhoneExplorer
2018-07-25 08:33 - 2018-07-25 08:33 - 00003478 _____ () C:\windows\System32\Tasks\AdobeGCInvoker-1.0-ideacentre-PC-ideacentre
2018-07-25 08:07 - 2018-07-24 12:58 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2018-07-25 08:04 - 2014-02-07 14:13 - 00000000 ____D () C:\Program Files (x86)\Adobe
2018-07-25 08:02 - 2015-09-04 16:34 - 00000000 ____D () C:\Program Files\Adobe
2018-07-25 07:56 - 2018-07-25 07:56 - 00001522 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2018-07-24 14:57 - 2009-07-14 06:45 - 05035872 _____ () C:\windows\system32\FNTCACHE.DAT
2018-07-24 13:45 - 2018-07-24 11:18 - 00000000 ____D () C:\install
2018-07-24 13:28 - 2018-07-24 13:28 - 00001211 _____ () C:\Users\ideacentre\Desktop\Adobe Photoshop CS6.lnk
2018-07-24 13:06 - 2018-07-24 13:06 - 00003522 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-ideacentre-PC-ideacentre
2018-07-24 13:05 - 2014-01-16 15:59 - 00114928 _____ () C:\Users\ideacentre\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-24 13:03 - 2014-02-10 12:00 - 00000000 ____D () C:\ProgramData\Adobe
2018-07-24 13:03 - 2014-01-16 16:01 - 00000000 ____D () C:\Users\ideacentre\AppData\Roaming\Adobe
2018-07-24 12:34 - 2018-07-24 12:34 - 00000000 ____D () C:\Program Files\Common Files\AV
2018-07-24 11:55 - 2016-06-29 09:33 - 00000000 ____D () C:\Program Files (x86)\AppCleaner
2018-07-24 11:22 - 2018-07-24 11:22 - 00000000 ____D () C:\ProgramData\ESET
2018-07-24 11:22 - 2018-07-24 11:22 - 00000000 ____D () C:\Program Files\ESET
2018-07-23 11:16 - 2018-05-23 10:30 - 00000000 ____D () C:\Users\ideacentre\AppData\Local\Viber
2018-07-23 09:33 - 2016-08-17 09:36 - 00000000 ___RD () C:\Users\ideacentre\Podcasts
2018-07-23 09:33 - 2014-01-16 15:58 - 00000000 ___RD () C:\Users\ideacentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2018-07-23 09:33 - 2014-01-16 15:58 - 00000000 ___RD () C:\Users\ideacentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2018-07-23 09:28 - 2015-04-16 09:41 - 00000000 ____D () C:\windows\system32\appraiser
2018-07-23 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2018-07-23 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\sk-SK
2018-07-17 13:53 - 2018-07-17 13:53 - 00000000 ____D () C:\Users\ideacentre\AppData\Local\SanDiskSecureAccessV2_win
2018-07-17 13:45 - 2016-04-18 16:41 - 00000000 ____D () C:\Users\ideacentre\AppData\Local\CrashDumps
2018-07-17 00:02 - 2010-11-21 05:27 - 00563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-07-16 08:48 - 2014-01-19 19:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2018-07-16 08:16 - 2016-08-03 10:23 - 00000000 ____D () C:\Program Files (x86)\Dropbox
2018-07-16 08:13 - 2017-02-06 17:21 - 00004470 _____ () C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-07-16 08:13 - 2014-02-25 20:40 - 00004312 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-07-16 08:13 - 2014-02-04 16:19 - 00842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-07-16 08:13 - 2014-02-04 16:19 - 00175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-16 08:13 - 2014-02-04 16:19 - 00000000 ____D () C:\windows\system32\Macromed
2018-07-16 08:13 - 2011-12-24 01:04 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2018-07-16 08:03 - 2014-01-16 15:58 - 00000000 ____D () C:\Users\ideacentre
2018-07-13 04:01 - 2018-07-13 04:01 - 00051392 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2018-07-13 04:01 - 2018-07-13 04:01 - 00050232 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2018-07-13 04:01 - 2018-07-13 04:01 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2018-07-13 04:01 - 2018-07-13 04:01 - 00045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2018-07-12 19:09 - 2014-01-22 17:13 - 00000000 ____D () C:\windows\system32\MRT
2018-07-12 19:01 - 2014-01-22 17:13 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-07-12 18:50 - 2018-04-18 08:26 - 00004482 _____ () C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-03 15:19 - 2014-01-28 14:47 - 00000000 ____D () C:\Users\ideacentre\AppData\Roaming\TeamViewer
2018-07-02 09:56 - 2017-01-12 12:18 - 00000000 ____D () C:\Users\ideacentre\Desktop\Dobraci
2018-07-02 09:22 - 2014-05-24 19:52 - 00000000 ____D () C:\Users\ideacentre\Documents\Scan

Files to move or delete:
====================
C:\ProgramData\flashax10.exe


Some content of TEMP:
====================
C:\Users\Administrator.ideacentre-PC\AppData\Local\Temp\bziw7-fw.dll
C:\Users\ideacentre\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\ideacentre\AppData\Local\Temp\proxy_vole2116827917533164563.dll
C:\Users\ideacentre\AppData\Local\Temp\proxy_vole6504343424301160000.dll
C:\Users\ideacentre\AppData\Local\Temp\proxy_vole8711444267925957368.dll
C:\Users\ideacentre\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ivetka\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2018-04-20 14:47] - [2018-01-01 03:50] - 0455680 ____A (Microsoft Corporation) 11D6A262B617130F7C16E308C12E0D41

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2016-10-12 08:31] - [2016-08-29 17:04] - 3229696 ____A (Microsoft Corporation) 38AE1B3C38FAEF56FE4907922F0385BA

C:\Windows\SysWOW64\explorer.exe
[2016-10-12 08:31] - [2016-08-29 16:55] - 2972672 ____A (Microsoft Corporation) 6DDCA324434FFA506CF7DC4E51DB7935

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2015-05-13 20:43] - [2015-04-13 05:28] - 0328704 ____A (Microsoft Corporation) 71C85477DF9347FE8E7BC55768473FCA

C:\Windows\System32\User32.dll
[2016-12-14 09:41] - [2016-11-10 18:32] - 1009152 ____A (Microsoft Corporation) 34BA256FBF83457F9D5E51A56DB54542

C:\Windows\SysWOW64\User32.dll
[2016-12-14 09:41] - [2016-11-10 18:19] - 0833024 ____A (Microsoft Corporation) 3CB074875AC88A7C1010A2A7F9881A8C

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2018-07-12 19:03] - [2018-06-08 18:20] - 0512000 ____A (Microsoft Corporation) 43CCB07A71347064695B8852492DA126

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2018-06-20 19:01

==================== End Of Log ============================

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my Win 7 computer always shuts down after about 3 hours, vi

#3 Post by Rudy »

Hello!
Why are you posting this here 3 times? Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: my Win 7 computer always shuts down after about 3 hours, vi

#4 Post by solide »

I'm sending the log from AdwCleaner, after cleaning and a restart. :)

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-25.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-31-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ProductUpdater
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Lenovo Eye Distance System
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Lenovo Dynamic Brightness System

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted mystartsearch
Deleted mystartsearch
Deleted iZito.com
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [85344 octets] - [31/07/2018 12:45:28]
AdwCleaner[C00].txt - [74561 octets] - [31/07/2018 12:46:10]
AdwCleaner[S01].txt - [2065 octets] - [31/07/2018 12:52:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my Win 7 computer always shuts down after about 3 hours, vi

#5 Post by Rudy »

Post a new RSIT log.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: my Win 7 computer always shuts down after about 3 hours, vi

#6 Post by solide »

Here you go:

Logfile of random's system information tool 1.09 (written by random/random)
Run by ideacentre at 2018-07-31 14:23:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 228 GB (50%) free of 451 GB
Total RAM: 8172 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:23:31, on 31. 7. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Siber Systems\AI RoboForm\Identities.exe
C:\windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\ideacentre.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 0000000000
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [Bluetooth Manager] C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložiť - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložiť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Zobraziť panel nástrojov - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Nástrojová lišta RoboFormu - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16882 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
taskeng.exe {2C40EA81-E003-444C-8EEF-DDC5FEB63EE9}
"taskhost.exe"
"C:\Program Files\EasySync Solutions\EasySync CryptoMonitor\CryptoMonitor.exe" /StartMinimized
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
C:\windows\system32\IProsetMonitor.exe
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe"
"C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe"
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
taskeng.exe {8C2CFC74-7D77-49BF-A874-42F233203206}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4080
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\iTunes\iTunesHelper.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\wmiprvse.exe
/QuitInfo:00000000000005D8;00000000000005E8; /AddRef;
/QuitInfo:00000000000005F0;0000000000000614; /AddRef;
/QuitInfo:0000000000000620;00000000000005F8;
/loadhooks /Parent:000000000000130C
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-747bed4f-69a9-41bb-9fb2-7bf43c3b7b5a -SystemEventPortName:HostProcess-01fe3761-6f10-4b17-a8ba-40e49d686632 -IoCancelEventPortName:HostProcess-aa8186c3-3180-4224-b79f-0c1a92f6866a -NonStateChangingEventPortName:HostProcess-d1acd2e3-6cef-4678-aca6-3a48789fe4f4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5bd69f83-3533-41cc-b46e-bc5750bee37f -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\jmesoft\hotkey.exe"
"C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:fc2df812-b373-4187-be9f-379e1a87abb7 -target-handle:220 -target-shutdown-event:236 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:2.7.11 -method:collectupload -handler-pipe:\\.\pipe\crashpad_6028_KIUTQEYOXALHSGQQ
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/a ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\IDEACE~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe "
{17F0EE88-887B-493B-AD23-1848721924AE}
{2AF7C363-FBC8-408A-99D2-984A1042EC2B}
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0deb --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6859 --gpu-driver-date=5-13-2011 --service-request-channel-token=4618ECE32B89F7E84A5957BFEC4378E8 --mojo-platform-channel-handle=1316 /prefetch:2
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=EF0704E60931DB460B0F13CD2FB593FF --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --context-id=2 --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=EF0704E60931DB460B0F13CD2FB593FF --renderer-client-id=4 --mojo-platform-channel-handle=1736 /prefetch:1
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=9EBAA40E62D361B6A8BBADFA6525135C --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=true --webview-tag=true --no-sandbox --context-id=2 --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=9EBAA40E62D361B6A8BBADFA6525135C --renderer-client-id=6 --mojo-platform-channel-handle=2104 /prefetch:1
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\windows\system32\NOTEPAD.EXE" C:\AdwCleaner\Logs\AdwCleaner[C01].txt
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8004 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\ideacentre\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.75 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fedf0934d0,0x7fedf0934e0,0x7fedf0934f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8388 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=A8ABF03142CBE08D89C61822D9F884EB --mojo-platform-channel-handle=1124 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=432ACE9C20100B7682636D904AA1E2A2 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=432ACE9C20100B7682636D904AA1E2A2 --renderer-client-id=3 --mojo-platform-channel-handle=2172 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=D5B85C563CB265FB1703828F5C0650C2 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D5B85C563CB265FB1703828F5C0650C2 --renderer-client-id=4 --mojo-platform-channel-handle=1632 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=85209CFFA65CAF4BEFAF5859D1B0765B --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=85209CFFA65CAF4BEFAF5859D1B0765B --renderer-client-id=5 --mojo-platform-channel-handle=2736 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=9681E37792CA425D7CF57492EA58D260 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9681E37792CA425D7CF57492EA58D260 --renderer-client-id=6 --mojo-platform-channel-handle=2856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=5BA9754DA89D5667834855F58FBC25C7 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5BA9754DA89D5667834855F58FBC25C7 --renderer-client-id=7 --mojo-platform-channel-handle=2964 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=1ADDB2AFAAF785D040F8F6E5F27FD9E2 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1ADDB2AFAAF785D040F8F6E5F27FD9E2 --renderer-client-id=8 --mojo-platform-channel-handle=3116 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=CCC20ABCE76D5CC46418EB65EBAC2547 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=CCC20ABCE76D5CC46418EB65EBAC2547 --renderer-client-id=9 --mojo-platform-channel-handle=3140 /prefetch:1
C:\windows\system32\cmd.exe /d /c "C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.9e1b19ce22098c4a > \\.\pipe\chrome.nativeMessaging.out.9e1b19ce22098c4a
\??\C:\windows\system32\conhost.exe "2127556740200209286120244304817096753202949632081394802117177521212141926892
"C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=CD438C6DA8B253B038ED628049257A3B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=CD438C6DA8B253B038ED628049257A3B --renderer-client-id=17 --mojo-platform-channel-handle=6200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=E302A1BBC5377183773A8D45C7781FE1 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E302A1BBC5377183773A8D45C7781FE1 --renderer-client-id=18 --mojo-platform-channel-handle=4816 /prefetch:1
"C:\windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1108,3728410648388657297,4032501524564413034,131072 --service-pipe-token=B1811CD23D16071F6995A1E41A6C21DB --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=B1811CD23D16071F6995A1E41A6C21DB --renderer-client-id=20 --mojo-platform-channel-handle=2024 /prefetch:1
"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cd4c308a-e4e9-469b-98b9-527a53971375 -SystemEventPortName:HostProcess-f101e92d-996e-447a-b673-d70599f8a0bc -IoCancelEventPortName:HostProcess-8fd59ac8-9c4e-4ae7-8ec3-9c65af50af13 -NonStateChangingEventPortName:HostProcess-532475a1-f157-45d8-b36a-8e4044b418b8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6d5f3c76-6127-46d4-af4b-d153984d3e14 -DeviceGroupId:
"C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8004 CREDAT:1447184 /prefetch:2
"C:\windows\system32\calc.exe"
"C:\Program Files (x86)\Siber Systems\AI RoboForm\Identities.exe" F:\My RoboForm Data\Janko aktualne\Slsp - 3.rfp
C:\windows\splwow64.exe 8192
"C:\windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4082759503-1401401991-2524271345-100123_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4082759503-1401401991-2524271345-100123 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8004 CREDAT:2889118 /prefetch:2
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe24_ Global\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\ideacentre\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskMachineCore.job
C:\windows\tasks\DropboxUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13 9498616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13 6101504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13 9498616]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13 6101504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01 193136]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-18 11775592]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 519504]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2015-07-23 4150472]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-05-25 107000]
""= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]
"Google Update"=C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [2018-05-22 601680]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]
"AdobeBridge"= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-06-26 49654728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1105328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleIEDAV]
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [2018-06-26 68408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2018-06-26 67896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Daemon for Mouse Suite]
C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [2013-03-26 87040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eID_klient]
C:\Program Files (x86)\eID klient\eID_klient.exe [2017-04-11 6357560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoPro Tray App]
C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [2016-11-14 866224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-06-26 110392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-06-20 2131856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo EE Boot Optimizer]
C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-12-24 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultSCR]
C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe [2009-12-31 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SideSync]
C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2018-03-07 12476064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMCMonitor]
C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe [2009-11-10 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-09-20 7801088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePRCShortCut]
C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Network PC Fax.lnk]
C:\Windows\System32\spool\drivers\x64\3\NETFAX~2.EXE [2013-02-05 380976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\PROGRA~1\SRSLAB~1\SRSCON~1\SRSPAN~1.EXE [2011-06-15 2091864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\Program Files (x86)\jmesoft\hotkey.exe [2009-08-25 225280]
"Bluetooth Manager"=C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe [2010-07-17 552448]
""= []
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"wave8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.tscc"=C:\windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-31 12:42:36 ----D---- C:\AdwCleaner
2018-07-31 11:27:00 ----D---- C:\rsit
2018-07-30 09:01:47 ----D---- C:\Program Files\iPod
2018-07-30 09:00:50 ----D---- C:\Program Files\iTunes
2018-07-30 08:38:29 ----D---- C:\Program Files (x86)\Microsoft
2018-07-24 12:58:32 ----D---- C:\Program Files\Common Files\Adobe
2018-07-24 12:34:33 ----D---- C:\Program Files\Common Files\AV
2018-07-24 11:22:16 ----D---- C:\ProgramData\ESET
2018-07-24 11:22:16 ----D---- C:\Program Files\ESET
2018-07-24 11:18:27 ----D---- C:\install
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-stable.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-dev.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-canary.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\DbxSvc.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\invagent.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\generaltel.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\devinv.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\CompatTelRunner.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\centel.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\appraiser.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\aitstatic.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\aepic.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\aeinv.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\acmigration.dll
2018-07-12 19:03:24 ----A---- C:\windows\system32\mshtml.dll
2018-07-12 19:03:23 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-07-12 19:03:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-07-12 19:03:22 ----A---- C:\windows\system32\ieframe.dll
2018-07-12 19:03:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-07-12 19:03:21 ----A---- C:\windows\system32\shell32.dll
2018-07-12 19:03:21 ----A---- C:\windows\system32\jscript9.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\shell32.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\win32k.sys
2018-07-12 19:03:20 ----A---- C:\windows\system32\vbscript.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\urlmon.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\ucrtbase.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\ExplorerFrame.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\drivers\tcpip.sys
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\wkssvc.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\iertutil.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\drivers\dfsc.sys
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\zipfldr.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\ntdll.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\zipfldr.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\ntdll.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\iedkcs32.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\drivers\usbport.sys
2018-07-12 19:03:18 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2018-07-12 19:03:18 ----A---- C:\windows\system32\dnsrslvr.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\dnsapi.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\dnscacheugc.exe
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\wininet.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\ntoskrnl.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\hal.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\netio.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\mpsdrv.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\ksecdd.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\dnscacheugc.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\ole32.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\msrating.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\certcli.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\webcheck.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\schannel.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\rstrui.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\rpcrt4.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ole32.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\msrating.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\mshtmlmedia.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\msfeeds.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\lsasrv.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\inseng.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ieui.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\iesetup.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ie4uinit.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\dxtrans.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\dxtmsft.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\drivers\usbhub.sys
2018-07-12 19:03:16 ----A---- C:\windows\system32\drivers\usbccgp.sys
2018-07-12 19:03:16 ----A---- C:\windows\system32\conhost.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\certcli.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\advapi32.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\wdigest.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\sspicli.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\schannel.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\setup16.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\occache.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\kernel32.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\kerberos.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\inseng.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\iesetup.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\iernonce.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\auditpol.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\appidapi.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\advapi32.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\wow64win.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\winsrv.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\wdigest.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\TSpkg.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\sspicli.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\srcore.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\smss.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\rpchttp.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\rpcss.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\occache.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ntvdm64.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ncrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\msv1_0.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\mshtmled.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\MshtmlDac.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\KernelBase.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\kernel32.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\kerberos.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\jsproxy.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\jscript9diag.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieUnatt.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\iernonce.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieetwproxystub.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieetwcollector.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\videoprt.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\csrsrv.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\bcrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\auditpol.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\appidsvc.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\appidapi.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\wow32.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\wfapigp.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\user.exe
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\oleres.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\msobjs.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\msaudite.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\instnm.exe
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\FirewallAPI.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\credssp.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\comcat.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\adtschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wow64cpu.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wow64.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wfapigp.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\sspisrv.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\srclient.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\setbcdlocale.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\secur32.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\oleres.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\msobjs.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\msaudite.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\MPSSVC.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\lsass.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\jscript.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\ieetwcollectorres.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\ieapfltr.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\icfupgd.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\FirewallAPI.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbuhci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbohci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbehci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbd.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\appid.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\cryptbase.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\credssp.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\comcat.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\appidpolicyconverter.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\appidcertstorecheck.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\apisetschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\adtschema.dll

======List of files/folders modified in the last 1 month======

2018-07-31 14:23:31 ----D---- C:\windows\Temp
2018-07-31 14:23:30 ----D---- C:\Program Files\trend micro
2018-07-31 13:44:54 ----D---- C:\windows\system32\config
2018-07-31 13:36:57 ----D---- C:\Users\ideacentre\AppData\Roaming\MyPhoneExplorer
2018-07-31 13:34:58 ----D---- C:\windows\inf
2018-07-31 13:34:58 ----AD---- C:\windows\System32
2018-07-31 13:34:58 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-07-31 13:31:40 ----A---- C:\windows\SYSWOW64\log.txt
2018-07-31 13:30:43 ----D---- C:\windows\system32\Tasks
2018-07-31 13:29:02 ----D---- C:\Program Files (x86)\TeamViewer
2018-07-31 13:28:37 ----D---- C:\ProgramData\NVIDIA
2018-07-31 13:18:27 ----D---- C:\windows\Microsoft.NET
2018-07-31 13:02:41 ----RSD---- C:\windows\assembly
2018-07-31 13:00:22 ----RSD---- C:\windows\Fonts
2018-07-31 12:45:57 ----D---- C:\Program Files (x86)\Common Files
2018-07-31 11:35:17 ----D---- C:\FRST
2018-07-30 18:45:22 ----D---- C:\windows\system32\catroot
2018-07-30 16:44:38 ----D---- C:\Config.Msi
2018-07-30 10:40:34 ----D---- C:\windows\system32\NDF
2018-07-30 09:02:12 ----SHD---- C:\windows\Installer
2018-07-30 09:01:47 ----RD---- C:\Program Files
2018-07-30 09:01:07 ----SHD---- C:\System Volume Information
2018-07-30 08:38:45 ----SD---- C:\Users\ideacentre\AppData\Roaming\Microsoft
2018-07-30 08:38:29 ----RD---- C:\Program Files (x86)
2018-07-30 08:38:28 ----RD---- C:\Program Files (x86)\Skype
2018-07-30 08:38:28 ----D---- C:\ProgramData\Skype
2018-07-30 08:35:23 ----D---- C:\Users\ideacentre\AppData\Roaming\Skype
2018-07-25 17:41:30 ----D---- C:\windows\system32\catroot2
2018-07-25 08:04:35 ----D---- C:\Program Files (x86)\Adobe
2018-07-25 08:02:10 ----D---- C:\Program Files\Adobe
2018-07-24 13:03:09 ----D---- C:\windows\SysWOW64
2018-07-24 13:03:09 ----D---- C:\Users\ideacentre\AppData\Roaming\Adobe
2018-07-24 13:03:09 ----D---- C:\ProgramData\Adobe
2018-07-24 12:58:32 ----D---- C:\Program Files\Common Files
2018-07-24 11:55:23 ----D---- C:\Program Files (x86)\AppCleaner
2018-07-24 11:53:18 ----HD---- C:\ProgramData
2018-07-24 11:52:23 ----D---- C:\windows\system32\drivers
2018-07-24 11:50:32 ----D---- C:\windows\Tasks
2018-07-24 11:31:09 ----D---- C:\windows\system32\DriverStore
2018-07-23 09:32:20 ----D---- C:\windows\winsxs
2018-07-23 09:28:26 ----D---- C:\windows\system32\appraiser
2018-07-23 09:28:17 ----D---- C:\Program Files\Internet Explorer
2018-07-23 09:28:17 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-23 09:28:16 ----D---- C:\windows\SYSWOW64\sk-SK
2018-07-23 09:28:16 ----D---- C:\windows\SYSWOW64\en-US
2018-07-23 09:28:13 ----D---- C:\windows\system32\sk-SK
2018-07-23 09:28:13 ----D---- C:\windows\system32\en-US
2018-07-23 09:28:13 ----D---- C:\windows\system32\drivers\en-US
2018-07-23 09:28:09 ----D---- C:\windows\AppPatch
2018-07-23 09:28:08 ----D---- C:\windows\system32\Boot
2018-07-17 00:02:20 ----N---- C:\windows\system32\MpSigStub.exe
2018-07-16 08:48:30 ----D---- C:\ProgramData\Microsoft Help
2018-07-16 08:16:36 ----D---- C:\Program Files (x86)\Dropbox
2018-07-16 08:13:31 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2018-07-16 08:13:25 ----D---- C:\windows\system32\Macromed
2018-07-16 08:13:22 ----D---- C:\windows\SYSWOW64\Macromed
2018-07-12 19:09:52 ----D---- C:\windows\system32\MRT
2018-07-12 19:01:55 ----AC---- C:\windows\system32\MRT.exe
2018-07-03 15:19:15 ----D---- C:\Users\ideacentre\AppData\Roaming\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EMSC;COMPAL Embedded System Control; C:\windows\system32\DRIVERS\EMSC.SYS [2009-06-27 16752]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-12-24 57952]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2014-03-12 116000]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 pwdrvio;pwdrvio; C:\windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 snapman;Acronis Snapshots Manager; C:\windows\system32\DRIVERS\snapman.sys [2014-03-12 269600]
R0 tib;Acronis TIB Manager; C:\windows\system32\DRIVERS\tib.sys [2014-03-12 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\windows\system32\DRIVERS\tib_mounter.sys [2014-03-12 183224]
R0 vididr;Acronis Virtual Disk; C:\windows\system32\DRIVERS\vididr.sys [2014-03-12 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\windows\system32\DRIVERS\vidsflt.sys [2014-03-12 117024]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-12-24 13408]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 245952]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 179544]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-07-14 170768]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2011-02-11 35344]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2013-04-18 11576]
R3 afcdp;afcdp; C:\windows\system32\DRIVERS\afcdp.sys [2014-03-12 367200]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service; C:\windows\system32\DRIVERS\AVerPola.sys [2010-06-22 504064]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2014-07-18 599288]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-20 316080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-01-19 2719336]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
R3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
R3 VMC412;Vimicro Camera Service VMC412; C:\windows\System32\Drivers\VMC412.sys [2010-08-18 239872]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2011-01-20 89128]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 epmntdrv;epmntdrv; \??\C:\windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2017-08-24 129456]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2016-10-04 88752]
S3 fwlanusb6_860;AVM FRITZ!WLAN AC 860; C:\windows\system32\DRIVERS\fwlanusb6_860.sys [2015-07-20 2274336]
S3 GemCCID;GemCCID; C:\windows\system32\DRIVERS\GemCCID.sys [2014-11-10 130944]
S3 ggflt;SOMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-10-01 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsomc.sys [2014-10-01 30424]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-06-29 192216]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\windows\system32\DRIVERS\netaapl64.sys [2014-06-10 23040]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-09-16 1101928]
S3 ss_conn_usb_driver;SAMSUNG Mobile USB Connectivity Device Driver; C:\windows\System32\Drivers\ss_conn_usb_driver.sys [2017-01-16 43648]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\windows\system32\DRIVERS\tdrpman.sys [2014-03-12 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144688]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-03-12 3869688]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-07-05 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-07-17 1008384]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2018-07-13 51392]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2015-10-29 382312]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2015-07-27 1042064]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2016-02-10 9216]
R2 GoProDeviceDetectionService;GoPro Device Detection Service; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [2016-11-14 37808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\windows\system32\IProsetMonitor.exe [2010-09-22 165032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-05-13 1006696]
R2 PelService;Session Launcher Service; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2012-03-13 178688]
R2 Samsung Network Fax Server;Samsung Network Fax Server; C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [2013-02-05 506928]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-13 378472]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-09-02 9742080]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-07-23 11644144]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-07-06 674104]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03 143144]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-16 335872]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03 143144]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2015-07-08 44744]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2015-07-08 192200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-17 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-01-20 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my Win 7 computer always shuts down after about 3 hours, vi

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Google\Google Toolbar

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: my Win 7 computer always shuts down after about 3 hours, vi

#8 Post by solide »

Done, I am sending the OTM log after restarting the PC:

Files moved on Reboot...
C:\Users\ideacentre\AppData\Local\Temp\acrord32_sbx\Z@RCD63.tmp moved successfully.
C:\Users\ideacentre\AppData\Local\Temp\acrord32_sbx\Z@RD26B.tmp moved successfully.
C:\Users\ideacentre\AppData\Local\Temp\acrord32_sbx\Z@RD28C.tmp moved successfully.
C:\Users\ideacentre\AppData\Local\Temp\acrord32_sbx\Z@RDA72.tmp moved successfully.
C:\Users\ideacentre\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\8fc89d58[1].txt moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\ads[1].htm moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\ads[2].htm moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\async_usersync[1].htm moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\dn[1].htm moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\icomoon[1].eot moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\KFOlCnqEu92Fr1MmSU5fChc-[1].woff moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\like[4].htm moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\MaterialIcons-Regular[1].ttf moved successfully.
C:\Users\ideacentre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V3X5JB45\opensans-lightitalic-webfont[1].eot moved successfully.

Registry entries deleted on Reboot...

and the RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by ideacentre at 2018-07-31 15:22:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 229 GB (51%) free of 451 GB
Total RAM: 8172 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:02, on 31. 7. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\ideacentre.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 0000000000
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [Bluetooth Manager] C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložiť - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložiť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Zobraziť panel nástrojov - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Nástrojová lišta RoboFormu - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15678 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000300;0000000000000314; /AddRef;
C:\windows\System32\spoolsv.exe
taskeng.exe {E674D27F-78CF-4D19-88E9-F93C723B966D}
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
taskeng.exe {91DE8CF0-7799-4DA5-BA7D-FC4DF81FE8A0}
/QuitInfo:000000000000049C;00000000000004A0; /AddRef;
/QuitInfo:0000000000000190;00000000000004A8;
/loadhooks /Parent:0000000000000B94
"C:\Program Files\EasySync Solutions\EasySync CryptoMonitor\CryptoMonitor.exe" /StartMinimized
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
C:\windows\system32\IProsetMonitor.exe
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe"
"C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe"
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3840
taskeng.exe {3C0693CA-5C3D-4E89-90A9-1E90F23D1CA4}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fd4f8cf6-6db6-41ea-9827-a4b1c6f6c89b -SystemEventPortName:HostProcess-55b47b66-b4f9-45a8-91d4-ef89431e4785 -IoCancelEventPortName:HostProcess-93dd784a-5f3d-476d-9db7-5cb7c8559773 -NonStateChangingEventPortName:HostProcess-97f9c8cb-1d6b-4eed-90f4-cc2502b2c2ed -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:65c6f1e6-7938-4fc4-a6ed-a74c8df73f24 -DeviceGroupId:WpdFsGroup
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k bthsvcs
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6afb4316-ce04-46b8-acf8-e3ed20d72901 -SystemEventPortName:HostProcess-073aa896-0aa0-4cf1-9ca6-9e87202c54fe -IoCancelEventPortName:HostProcess-b70e73a1-432c-4404-8fac-d648967b07af -NonStateChangingEventPortName:HostProcess-a78858c7-d817-45cc-aad3-fb2312d25088 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:846fa396-f771-440a-b6e1-6b5618d7e881 -DeviceGroupId:
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:/Program Files (x86)/Nokia/Nokia Suite/NokiaSuite.exe" -Embedding
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe "
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{2F9B7415-BE9D-4D13-8E99-AAF03FB80AAD}
{056425E8-39B6-4480-BE4B-D8043BA7A3DB}
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\notepad.exe" C:\_OTM\MovedFiles\07312018_151355.log
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\jmesoft\hotkey.exe"
"C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --capture-python --no-upload-gzip --no-rate-limit --database=C:\Users\ideacentre\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin= ... --annotation=buildno=Dropbox-win-53.4.67 --annotation=client_session_id=e0ed18e0-5b24-442c-9831-e4800981bef9 --annotation=host_int_account1_boot=5552737739 --annotation=machine_id=e6871b05-5469-46fe-b647-30715c27e5d7 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xe0,0xe4,0xe8,0xdc,0xec,0x62a98db8,0x62a98dc8,0x62a98dd8
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:e0ed18e0-5b24-442c-9831-e4800981bef9 -target-handle:220 -target-shutdown-event:236 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:2.7.11 -method:collectupload -handler-pipe:\\.\pipe\crashpad_2940_QWRSNMBUOWRYONOI
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/a ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\IDEACE~1\AppData\Local\Temp\skype-preview Crashes" --v=1
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0deb --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6859 --gpu-driver-date=5-13-2011 --service-request-channel-token=11C9D95C27C7BAF0DC49A09775CAE7C9 --mojo-platform-channel-handle=1316 /prefetch:2
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=0436D3C32F6682635D7D755AAF78E398 --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --context-id=2 --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target= ... --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=0436D3C32F6682635D7D755AAF78E398 --renderer-client-id=4 --mojo-platform-channel-handle=1748 /prefetch:1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=14021B6792F7EB6E46150FA8444C80A5 --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=true --webview-tag=true --no-sandbox --context-id=2 --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target= ... --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=14021B6792F7EB6E46150FA8444C80A5 --renderer-client-id=6 --mojo-platform-channel-handle=2128 /prefetch:1
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5840 CREDAT:267521 /prefetch:2
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
wmiadap.exe /F /T /R
"C:\windows\System32\MsSpellCheckingFacility.exe" -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\ideacentre\Desktop\RSITx64.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskMachineCore.job
C:\windows\tasks\DropboxUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Users\ideacentre\AppData\Roaming\Mozilla\Firefox\Profiles\m8jb4xws.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13 9498616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13 6101504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-18 11775592]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 519504]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2015-07-23 4150472]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-05-25 107000]
""= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]
"Google Update"=C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [2018-05-22 601680]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]
"AdobeBridge"= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-06-26 49654728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1105328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleIEDAV]
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [2018-06-26 68408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2018-06-26 67896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Daemon for Mouse Suite]
C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [2013-03-26 87040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eID_klient]
C:\Program Files (x86)\eID klient\eID_klient.exe [2017-04-11 6357560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ideacentre\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoPro Tray App]
C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [2016-11-14 866224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-06-26 110392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-06-20 2131856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo EE Boot Optimizer]
C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-12-24 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultSCR]
C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe [2009-12-31 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SideSync]
C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2018-03-07 12476064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMCMonitor]
C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe [2009-11-10 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-09-20 7801088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePRCShortCut]
C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Network PC Fax.lnk]
C:\Windows\System32\spool\drivers\x64\3\NETFAX~2.EXE [2013-02-05 380976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\PROGRA~1\SRSLAB~1\SRSCON~1\SRSPAN~1.EXE [2011-06-15 2091864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\Program Files (x86)\jmesoft\hotkey.exe [2009-08-25 225280]
"Bluetooth Manager"=C:\Program Files\Lenovo\Bluetooth Manager\BluetoothManager.exe [2010-07-17 552448]
""= []
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"wave8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.tscc"=C:\windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-31 15:13:55 ----D---- C:\_OTM
2018-07-31 12:42:36 ----D---- C:\AdwCleaner
2018-07-31 11:27:00 ----D---- C:\rsit
2018-07-30 09:01:47 ----D---- C:\Program Files\iPod
2018-07-30 09:00:50 ----D---- C:\Program Files\iTunes
2018-07-30 08:38:29 ----D---- C:\Program Files (x86)\Microsoft
2018-07-24 12:58:32 ----D---- C:\Program Files\Common Files\Adobe
2018-07-24 12:34:33 ----D---- C:\Program Files\Common Files\AV
2018-07-24 11:22:16 ----D---- C:\ProgramData\ESET
2018-07-24 11:22:16 ----D---- C:\Program Files\ESET
2018-07-24 11:18:27 ----D---- C:\install
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-stable.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-dev.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\drivers\dbx-canary.sys
2018-07-13 04:01:46 ----A---- C:\windows\system32\DbxSvc.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\invagent.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\generaltel.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\devinv.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\CompatTelRunner.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\centel.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\appraiser.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\aitstatic.exe
2018-07-12 19:03:40 ----A---- C:\windows\system32\aepic.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\aeinv.dll
2018-07-12 19:03:40 ----A---- C:\windows\system32\acmigration.dll
2018-07-12 19:03:24 ----A---- C:\windows\system32\mshtml.dll
2018-07-12 19:03:23 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-07-12 19:03:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-07-12 19:03:22 ----A---- C:\windows\system32\ieframe.dll
2018-07-12 19:03:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-07-12 19:03:21 ----A---- C:\windows\system32\shell32.dll
2018-07-12 19:03:21 ----A---- C:\windows\system32\jscript9.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2018-07-12 19:03:20 ----A---- C:\windows\SYSWOW64\shell32.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\win32k.sys
2018-07-12 19:03:20 ----A---- C:\windows\system32\vbscript.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\urlmon.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\ucrtbase.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\ExplorerFrame.dll
2018-07-12 19:03:20 ----A---- C:\windows\system32\drivers\tcpip.sys
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2018-07-12 19:03:19 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\wkssvc.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\iertutil.dll
2018-07-12 19:03:19 ----A---- C:\windows\system32\drivers\dfsc.sys
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\zipfldr.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\ntdll.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\zipfldr.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\ntdll.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\iedkcs32.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\drivers\usbport.sys
2018-07-12 19:03:18 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2018-07-12 19:03:18 ----A---- C:\windows\system32\dnsrslvr.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\dnsapi.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-12 19:03:18 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\dnscacheugc.exe
2018-07-12 19:03:17 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\wininet.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\ntoskrnl.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\hal.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\netio.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\mpsdrv.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\drivers\ksecdd.sys
2018-07-12 19:03:17 ----A---- C:\windows\system32\dnscacheugc.exe
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 19:03:17 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\ole32.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\msrating.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2018-07-12 19:03:16 ----A---- C:\windows\SYSWOW64\certcli.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\webcheck.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\schannel.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\rstrui.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\rpcrt4.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ole32.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\msrating.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\mshtmlmedia.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\msfeeds.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\lsasrv.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\inseng.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ieui.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\iesetup.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\ie4uinit.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\dxtrans.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\dxtmsft.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\drivers\usbhub.sys
2018-07-12 19:03:16 ----A---- C:\windows\system32\drivers\usbccgp.sys
2018-07-12 19:03:16 ----A---- C:\windows\system32\conhost.exe
2018-07-12 19:03:16 ----A---- C:\windows\system32\certcli.dll
2018-07-12 19:03:16 ----A---- C:\windows\system32\advapi32.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\wdigest.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\sspicli.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\schannel.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\setup16.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\occache.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\kernel32.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\kerberos.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\inseng.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\iesetup.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\iernonce.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\auditpol.exe
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\appidapi.dll
2018-07-12 19:03:15 ----A---- C:\windows\SYSWOW64\advapi32.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\wow64win.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\winsrv.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\wdigest.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\TSpkg.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\sspicli.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\srcore.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\smss.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\rpchttp.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\rpcss.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\occache.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ntvdm64.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ncrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\msv1_0.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\mshtmled.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\MshtmlDac.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\KernelBase.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\kernel32.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\kerberos.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\jsproxy.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\jscript9diag.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieUnatt.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\iernonce.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieetwproxystub.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\ieetwcollector.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\videoprt.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2018-07-12 19:03:15 ----A---- C:\windows\system32\csrsrv.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\bcrypt.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\auditpol.exe
2018-07-12 19:03:15 ----A---- C:\windows\system32\appidsvc.dll
2018-07-12 19:03:15 ----A---- C:\windows\system32\appidapi.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-12 19:03:14 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\wow32.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\wfapigp.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\user.exe
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\oleres.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\msobjs.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\msaudite.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\instnm.exe
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\FirewallAPI.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\credssp.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\comcat.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\SYSWOW64\adtschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wow64cpu.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wow64.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\wfapigp.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\sspisrv.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\srclient.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\setbcdlocale.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\secur32.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\oleres.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\msobjs.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\msaudite.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\MPSSVC.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\lsass.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\jscript.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\ieetwcollectorres.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\ieapfltr.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\icfupgd.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\FirewallAPI.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbuhci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbohci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbehci.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\usbd.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\drivers\appid.sys
2018-07-12 19:03:14 ----A---- C:\windows\system32\cryptbase.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\credssp.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\comcat.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\appidpolicyconverter.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\appidcertstorecheck.exe
2018-07-12 19:03:14 ----A---- C:\windows\system32\apisetschema.dll
2018-07-12 19:03:14 ----A---- C:\windows\system32\adtschema.dll

======List of files/folders modified in the last 1 month======

2018-07-31 15:23:00 ----D---- C:\windows\Temp
2018-07-31 15:23:00 ----D---- C:\Program Files\trend micro
2018-07-31 15:20:42 ----A---- C:\windows\SYSWOW64\log.txt
2018-07-31 15:18:00 ----D---- C:\windows\system32\config
2018-07-31 15:17:55 ----D---- C:\Program Files (x86)\TeamViewer
2018-07-31 15:17:13 ----D---- C:\ProgramData\NVIDIA
2018-07-31 15:13:56 ----D---- C:\Program Files (x86)\Google
2018-07-31 13:36:57 ----D---- C:\Users\ideacentre\AppData\Roaming\MyPhoneExplorer
2018-07-31 13:34:58 ----D---- C:\windows\inf
2018-07-31 13:34:58 ----AD---- C:\windows\System32
2018-07-31 13:34:58 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-07-31 13:30:43 ----D---- C:\windows\system32\Tasks
2018-07-31 13:18:27 ----D---- C:\windows\Microsoft.NET
2018-07-31 13:02:41 ----RSD---- C:\windows\assembly
2018-07-31 13:00:22 ----RSD---- C:\windows\Fonts
2018-07-31 12:45:57 ----D---- C:\Program Files (x86)\Common Files
2018-07-31 11:35:17 ----D---- C:\FRST
2018-07-30 18:45:22 ----D---- C:\windows\system32\catroot
2018-07-30 16:44:38 ----D---- C:\Config.Msi
2018-07-30 10:40:34 ----D---- C:\windows\system32\NDF
2018-07-30 09:02:12 ----SHD---- C:\windows\Installer
2018-07-30 09:01:47 ----RD---- C:\Program Files
2018-07-30 09:01:07 ----SHD---- C:\System Volume Information
2018-07-30 08:38:45 ----SD---- C:\Users\ideacentre\AppData\Roaming\Microsoft
2018-07-30 08:38:29 ----RD---- C:\Program Files (x86)
2018-07-30 08:38:28 ----RD---- C:\Program Files (x86)\Skype
2018-07-30 08:38:28 ----D---- C:\ProgramData\Skype
2018-07-30 08:35:23 ----D---- C:\Users\ideacentre\AppData\Roaming\Skype
2018-07-25 17:41:30 ----D---- C:\windows\system32\catroot2
2018-07-25 08:04:35 ----D---- C:\Program Files (x86)\Adobe
2018-07-25 08:02:10 ----D---- C:\Program Files\Adobe
2018-07-24 13:03:09 ----D---- C:\windows\SysWOW64
2018-07-24 13:03:09 ----D---- C:\Users\ideacentre\AppData\Roaming\Adobe
2018-07-24 13:03:09 ----D---- C:\ProgramData\Adobe
2018-07-24 12:58:32 ----D---- C:\Program Files\Common Files
2018-07-24 11:55:23 ----D---- C:\Program Files (x86)\AppCleaner
2018-07-24 11:53:18 ----HD---- C:\ProgramData
2018-07-24 11:52:23 ----D---- C:\windows\system32\drivers
2018-07-24 11:50:32 ----D---- C:\windows\Tasks
2018-07-24 11:31:09 ----D---- C:\windows\system32\DriverStore
2018-07-23 09:32:20 ----D---- C:\windows\winsxs
2018-07-23 09:28:26 ----D---- C:\windows\system32\appraiser
2018-07-23 09:28:17 ----D---- C:\Program Files\Internet Explorer
2018-07-23 09:28:17 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-23 09:28:16 ----D---- C:\windows\SYSWOW64\sk-SK
2018-07-23 09:28:16 ----D---- C:\windows\SYSWOW64\en-US
2018-07-23 09:28:13 ----D---- C:\windows\system32\sk-SK
2018-07-23 09:28:13 ----D---- C:\windows\system32\en-US
2018-07-23 09:28:13 ----D---- C:\windows\system32\drivers\en-US
2018-07-23 09:28:09 ----D---- C:\windows\AppPatch
2018-07-23 09:28:08 ----D---- C:\windows\system32\Boot
2018-07-17 00:02:20 ----N---- C:\windows\system32\MpSigStub.exe
2018-07-16 08:48:30 ----D---- C:\ProgramData\Microsoft Help
2018-07-16 08:16:36 ----D---- C:\Program Files (x86)\Dropbox
2018-07-16 08:13:31 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2018-07-16 08:13:25 ----D---- C:\windows\system32\Macromed
2018-07-16 08:13:22 ----D---- C:\windows\SYSWOW64\Macromed
2018-07-12 19:09:52 ----D---- C:\windows\system32\MRT
2018-07-12 19:01:55 ----AC---- C:\windows\system32\MRT.exe
2018-07-03 15:19:15 ----D---- C:\Users\ideacentre\AppData\Roaming\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EMSC;COMPAL Embedded System Control; C:\windows\system32\DRIVERS\EMSC.SYS [2009-06-27 16752]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-12-24 57952]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2014-03-12 116000]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 pwdrvio;pwdrvio; C:\windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 snapman;Acronis Snapshots Manager; C:\windows\system32\DRIVERS\snapman.sys [2014-03-12 269600]
R0 tib;Acronis TIB Manager; C:\windows\system32\DRIVERS\tib.sys [2014-03-12 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\windows\system32\DRIVERS\tib_mounter.sys [2014-03-12 183224]
R0 vididr;Acronis Virtual Disk; C:\windows\system32\DRIVERS\vididr.sys [2014-03-12 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\windows\system32\DRIVERS\vidsflt.sys [2014-03-12 117024]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-12-24 13408]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 245952]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 179544]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-07-14 170768]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2011-02-11 35344]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2013-04-18 11576]
R3 afcdp;afcdp; C:\windows\system32\DRIVERS\afcdp.sys [2014-03-12 367200]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service; C:\windows\system32\DRIVERS\AVerPola.sys [2010-06-22 504064]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2014-07-18 599288]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-20 316080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-01-19 2719336]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
R3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
R3 VMC412;Vimicro Camera Service VMC412; C:\windows\System32\Drivers\VMC412.sys [2010-08-18 239872]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2011-01-20 89128]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 epmntdrv;epmntdrv; \??\C:\windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2017-08-24 129456]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2016-10-04 88752]
S3 fwlanusb6_860;AVM FRITZ!WLAN AC 860; C:\windows\system32\DRIVERS\fwlanusb6_860.sys [2015-07-20 2274336]
S3 GemCCID;GemCCID; C:\windows\system32\DRIVERS\GemCCID.sys [2014-11-10 130944]
S3 ggflt;SOMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-10-01 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsomc.sys [2014-10-01 30424]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-06-29 192216]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\windows\system32\DRIVERS\netaapl64.sys [2014-06-10 23040]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-09-16 1101928]
S3 ss_conn_usb_driver;SAMSUNG Mobile USB Connectivity Device Driver; C:\windows\System32\Drivers\ss_conn_usb_driver.sys [2017-01-16 43648]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\windows\system32\DRIVERS\tdrpman.sys [2014-03-12 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144688]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-03-12 3869688]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-07-17 1008384]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2018-07-13 51392]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2015-10-29 382312]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2015-07-27 1042064]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2016-02-10 9216]
R2 GoProDeviceDetectionService;GoPro Device Detection Service; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [2016-11-14 37808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\windows\system32\IProsetMonitor.exe [2010-09-22 165032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-05-13 1006696]
R2 PelService;Session Launcher Service; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2012-03-13 178688]
R2 Samsung Network Fax Server;Samsung Network Fax Server; C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [2013-02-05 506928]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-13 378472]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-09-02 9742080]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-07-23 11644144]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-07-06 674104]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-07-05 83768]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03 143144]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-16 335872]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03 143144]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2015-07-08 44744]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2015-07-08 192200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-17 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-01-20 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my Win 7 PC always shuts itself down after about 3 hours, vi

#9 Post by Rudy »

Deleted. Double-click the file C:\Program Files\trend micro\ideacentre.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
