Avast - High load

Ardenlax
Visitor
Posts: 24
Registered: 29 Aug 2015 18:26

Avast - High load

#1 Post by Ardenlax »

Hello. I have a problem with my laptop: while Avast is running, I get periods of 100% disk load from the System process and memory load from the process Service Host: Local System. When I turned off the protection (directly in Avast), the episodes sometimes stopped and sometimes persisted. I tried reinstalling Avast and I also installed AVG; the situation is the same. The episodes last about 5-10 minutes, then stop, and after a while they repeat. The computer stutters while this is happening. On top of that, the load makes no sense numerically: sometimes it shows 100% at a maximum of 5 mb/s, sometimes it climbs to 15 mb/s and still says 100%. I am a novice in this field, so I would ask for some plain-language advice if possible. Thank you in advance for any help.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Avast - High load

#2 Post by Márty84 »

Hello :-)

:arrow: Post logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block the tool as malicious, but we use it all the time, it is a false positive :)
If you have a question that is not meant for the public, you can email me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an email address in their signature).

Ardenlax
Visitor
Posts: 24
Registered: 29 Aug 2015 18:26

Re: Avast - High load

#3 Post by Ardenlax »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-08-2015
Ran by skotn_000 (administrator) on SKOTNICA (30-08-2015 16:05:56)
Running from C:\Users\skotn_000\Desktop
Loaded Profiles: skotn_000 (Available Profiles: skotn_000 & Test)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\skotn_000\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1091568 2015-03-03] (Highresolution Enterprises)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-15] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [32ndBuzzer] => C:\Program Files (x86)\32nd Regiment Buzzer\Buzzer.exe [180224 2015-01-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Google Update] => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc.)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Dropbox Update] => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-07-03] ()
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Spotify Web Helper] => C:\Users\skotn_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-14] (Spotify Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-29] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-3338900602-571765566-1102821152-1002 -> DefaultScope {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116} URL =
SearchScopes: HKU\S-1-5-21-3338900602-571765566-1102821152-1002 -> {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-05-16] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-09] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0B26C385-7A9D-49A9-BFFC-57EDC999C3CF}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9E42551A-0C90-4C5F-AFBB-CE61E90B5B33}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\skotn_000\AppData\Roaming\Mozilla\Firefox\Profiles\puozbh2t.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-09] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3338900602-571765566-1102821152-1002: @tools.google.com/Google Update;version=3 -> C:\Users\skotn_000\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3338900602-571765566-1102821152-1002: @tools.google.com/Google Update;version=9 -> C:\Users\skotn_000\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-24]
CHR Extension: (Google Docs) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-24]
CHR Extension: (YouTube) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-24]
CHR Extension: (OneTab) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2015-07-17]
CHR Extension: (Google Search) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (Google Sheets) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-24]
CHR Extension: (AdBlock) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-04]
CHR Extension: (LoudTronix Helper) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfpmjnfglpmofblacoponodofkdongp [2015-05-24]
CHR Extension: (Looper for YouTube) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2015-08-04]
CHR Extension: (The Great Suspender) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-07-17]
CHR Extension: (Lyrics Here by Rob W) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifkpflabnobkgbjpcmocmgcajlecbcp [2015-08-04]
CHR Extension: (Google Mail Checker) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-05-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Gmail) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALG; C:\Windows\System32\alg.exe [94208 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AllUserInstallAgent; C:\Windows\system32\AUInstallAgent.dll [122368 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [37888 2012-07-26] (Microsoft Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-29] (Avast Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [112128 2012-07-26] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [826368 2012-07-26] (Microsoft Corporation) [File not signed]
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [134144 2012-07-26] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [89088 2012-07-26] (Microsoft Corporation) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-20] (Acer Incorporated)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [149504 2012-07-26] (Microsoft Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [817152 2012-07-26] (Microsoft Corporation) [File not signed]
R2 DeviceAssociationService; C:\Windows\system32\das.dll [342016 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252928 2012-07-26] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [197120 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Eaphost; C:\Windows\System32\eapsvc.dll [105472 2012-07-26] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\system32\efssvc.dll [37376 2012-07-26] (Microsoft Corporation) [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 EventSystem; C:\Windows\system32\es.dll [507904 2012-07-26] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [394240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [669696 2012-07-26] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2012-07-26] (Microsoft Corporation) [File not signed]
R3 FDResPub; C:\Windows\system32\fdrespub.dll [33280 2012-07-26] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1366016 2012-07-26] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [36352 2012-07-26] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2012-07-26] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [97792 2012-07-26] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [394752 2012-07-26] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [304128 2012-07-26] (Microsoft Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [59904 2012-07-26] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [358912 2012-07-26] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [191488 2012-07-26] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [274944 2012-07-26] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [144384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2012-07-26] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [124416 2012-07-26] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [62976 2012-07-26] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [428544 2012-07-26] (Microsoft Corporation) [File not signed]
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [161792 2012-07-26] (Microsoft Corporation) [File not signed]
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\netlogon.dll [743936 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [255488 2012-07-26] (Microsoft Corporation) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2012-07-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [329728 2012-07-26] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [435712 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1379840 2012-07-26] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1421824 2012-07-26] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-06-07] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [26624 2012-07-26] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [329728 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [474624 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675200 2012-07-26] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [268800 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99840 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [358400 2012-07-26] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [107520 2012-07-26] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [81920 2012-07-26] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [159744 2012-07-26] (Microsoft Corporation) [File not signed]
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-15] (Dritek System INC.)
S3 RpcLocator; C:\Windows\system32\locator.exe [9728 2012-07-26] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [817152 2012-07-26] (Microsoft Corporation) [File not signed]
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [196608 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [149504 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [148480 2012-07-26] (Microsoft Corporation) [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R3 seclogon; C:\Windows\system32\seclogon.dll [30720 2012-07-26] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [62976 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [161792 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [291328 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [249344 2012-07-26] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [438784 2012-07-26] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [565760 2012-07-26] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [506368 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2012-07-26] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [769024 2012-07-26] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [266240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [81920 2012-07-26] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [570880 2012-07-26] (Microsoft Corporation) [File not signed]
S3 StorSvc; C:\Windows\system32\storsvc.dll [20992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) [File not signed]
S3 svsvc; C:\Windows\system32\svsvc.dll [12800 2012-07-26] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [502784 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [84480 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [305664 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [245760 2012-07-26] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [47104 2012-07-26] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2012-07-26] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2012-07-26] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [250880 2012-07-26] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [520704 2012-07-26] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [409600 2012-07-26] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [283648 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [358400 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1616896 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [335872 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [109568 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [96768 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [109568 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [96768 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [218112 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [65536 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [219648 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [198144 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [11776 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10240 2012-07-26] (Microsoft Corporation) [File not signed]
R3 wuauserv; C:\Windows\system32\wuaueng.dll [3286016 2014-11-15] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [226304 2012-07-26] (Microsoft Corporation) [File not signed]
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2012-07-26] (Microsoft Corporation) [File not signed]
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [79360 2012-07-26] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-29] (AVAST Software)
S3 AsyncMac; C:\Windows\system32\DRIVERS\asyncmac.sys [26624 2012-07-26] (Microsoft Corporation) [File not signed]
R3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3747840 2013-01-21] (Qualcomm Atheros Communications, Inc.) [File not signed]
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [48640 2012-07-26] (Microsoft Corporation) [File not signed]
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [29696 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [101888 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [65536 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BthPan; C:\Windows\system32\DRIVERS\bthpan.sys [119808 2012-07-26] (Microsoft Corporation) [File not signed]
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [108544 2012-07-26] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [174080 2012-07-26] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\System32\drivers\circlass.sys [45056 2012-07-26] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25600 2012-07-26] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2012-07-26] (Microsoft Corporation) [File not signed]
R3 condrv; C:\Windows\System32\drivers\condrv.sys [33792 2012-07-26] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [50688 2012-07-26] (Microsoft Corporation) [File not signed]
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [33280 2012-07-26] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-05-25] (Disc Soft Ltd)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [194560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2012-07-26] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [24576 2012-07-26] (Microsoft Corporation) [File not signed]
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [12288 2012-07-26] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [27136 2012-07-26] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46080 2012-07-26] (Microsoft Corporation) [File not signed]
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [11776 2012-07-26] (Microsoft Corporation) [File not signed]
S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [24576 2012-07-26] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [5343584 2012-10-23] (Intel Corporation) [File not signed]
R3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Intel(R) Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [89088 2012-07-26] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [145920 2012-07-26] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2012-07-26] (Microsoft Corporation) [File not signed]
R3 k57nd60a; C:\Windows\system32\DRIVERS\k57nd60a.sys [425472 2012-06-02] (Broadcom Corporation) [File not signed]
R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [18432 2012-07-26] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21376 2012-07-26] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [60416 2012-07-26] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [134144 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2012-07-26] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [279552 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [129536 2012-07-26] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2012-07-26] (Microsoft Corporation) [File not signed]
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [10752 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [11008 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [68608 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7168 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6912 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [8192 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [14848 2012-07-26] (Microsoft Corporation) [File not signed]
R2 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [427520 2012-07-26] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [46592 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [58880 2012-07-26] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-26] (Microsoft Corporation) [File not signed]
S3 NDISWANLEGACY; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-26] (Microsoft Corporation) [File not signed]
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [97792 2012-07-26] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [46080 2012-07-26] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [331776 2012-07-26] (Microsoft Corporation) [File not signed]
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-29] (AVAST Software)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [49152 2012-07-26] (Microsoft Corporation) [File not signed]
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23552 2012-07-26] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [34304 2012-07-26] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2012-07-26] (Microsoft Corporation) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [105984 2012-07-26] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [805376 2013-04-09] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\system32\DRIVERS\raspptp.sys [114176 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-15] (Dritek System Inc.)
R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [145408 2012-07-26] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [16384 2012-07-26] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\system32\DRIVERS\AgileVpn.sys [68608 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\system32\DRIVERS\rasl2tp.sys [124928 2012-07-26] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [81920 2012-07-26] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\system32\DRIVERS\rassstp.sys [92672 2012-07-26] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [179712 2012-07-26] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [78848 2012-07-26] (Microsoft Corporation) [File not signed]
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2012-07-26] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [36864 2012-07-26] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2012-07-26] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [62976 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\System32\drivers\serial.sys [76800 2012-07-26] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [16896 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [59392 2012-07-26] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [416768 2012-07-26] (Microsoft Corporation) [File not signed]
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2012-07-26] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [117248 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57344 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [30208 2012-07-26] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [149504 2012-07-26] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\drivers\umbus.sys [48128 2012-07-26] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2012-07-26] (Microsoft Corporation) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-29] (Avast Software)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [22144 2012-07-26] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24064 2012-07-26] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\system32\DRIVERS\vwififlt.sys [64000 2012-07-26] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\system32\DRIVERS\vwifimp.sys [17920 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [27008 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WinUSB; C:\Windows\system32\DRIVERS\WinUSB.sys [57344 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [17408 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [45056 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [19968 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
R4 AVGIDSHA; system32\DRIVERS\avgidsha.sys [X]
R4 Avgrkx64; system32\DRIVERS\avgrkx64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-30 16:05 - 2015-08-30 16:06 - 00047775 _____ C:\Users\skotn_000\Desktop\FRST.txt
2015-08-30 16:05 - 2015-08-30 16:06 - 00000000 ____D C:\FRST
2015-08-30 16:02 - 2015-08-30 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\skotn_000\Desktop\FRSTLauncher.exe
2015-08-30 16:02 - 2015-08-30 16:02 - 00112640 _____ (forum.viry.cz) C:\Users\skotn_000\Downloads\Nepotvrzeno 331359.crdownload
2015-08-30 16:01 - 2015-08-30 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\skotn_000\Downloads\Nepotvrzeno 559114.crdownload
2015-08-30 15:52 - 2015-08-30 15:52 - 02186752 _____ (Farbar) C:\Users\skotn_000\Desktop\FRST64.exe
2015-08-29 21:39 - 2015-08-29 21:39 - 00001926 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-29 21:39 - 2015-08-29 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-29 21:38 - 2015-08-29 21:38 - 01048856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1440877136656
2015-08-29 21:38 - 2015-08-29 21:38 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-29 21:38 - 2015-08-29 21:38 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-29 21:38 - 2015-08-29 21:38 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-29 21:36 - 2015-08-29 21:36 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-29 18:45 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-08-29 18:14 - 2015-08-29 18:14 - 00502092 _____ C:\WINDOWS\PFRO.log
2015-08-29 18:11 - 2015-08-29 18:12 - 115845912 _____ (AVG Technologies) C:\Users\skotn_000\Downloads\avg_tuh_stf_all_2015_638_24c43.exe
2015-08-29 17:53 - 2015-08-29 17:53 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\AVG2015
2015-08-29 17:52 - 2015-08-29 21:01 - 00000000 ___HD C:\$AVG
2015-08-29 17:52 - 2015-08-29 21:01 - 00000000 ____D C:\ProgramData\AVG2015
2015-08-29 17:52 - 2015-08-29 17:52 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\TuneUp Software
2015-08-29 17:51 - 2015-08-29 17:51 - 00000000 ____D C:\Program Files (x86)\AVG
2015-08-29 17:48 - 2015-08-29 21:34 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Avg2015
2015-08-29 17:48 - 2015-08-29 21:34 - 00000000 ____D C:\ProgramData\MFAData
2015-08-29 17:48 - 2015-08-29 17:48 - 00000000 ____D C:\Users\skotn_000\AppData\Local\MFAData
2015-08-29 17:47 - 2015-08-29 21:34 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-29 17:47 - 2015-08-29 17:47 - 00000034 _____ C:\WINDOWS\AvastEmUpdate.ini
2015-08-29 17:47 - 2015-08-29 17:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-08-29 17:41 - 2015-08-29 17:41 - 05053040 _____ (AVG Technologies) C:\Users\skotn_000\Downloads\avg_free_stb_all_2015_ltst_612.exe
2015-08-29 17:23 - 2015-08-29 17:23 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\AVAST Software
2015-08-29 17:21 - 2015-08-29 17:26 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-08-29 17:21 - 2015-08-29 17:26 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-08-29 17:15 - 2015-08-29 17:15 - 05500000 _____ (Avast Software s.r.o.) C:\Users\skotn_000\Downloads\avast_free_antivirus_setup_online.exe
2015-08-27 17:05 - 2015-08-27 17:27 - 00000000 ____D C:\Users\skotn_000\Downloads\Fable III (CZ) (2011) - t2k9
2015-08-27 17:01 - 2015-08-27 17:03 - 00000000 ____D C:\Users\skotn_000\Downloads\STAR_WARS_KOTOR_1+2_SCORE
2015-08-27 16:40 - 2015-08-27 16:40 - 00000000 ____D C:\Users\skotn_000\Documents\Larian Studios
2015-08-27 16:38 - 2015-08-27 16:38 - 00001368 _____ C:\Users\Public\Desktop\Divinity - Original Sin.lnk
2015-08-27 16:38 - 2015-08-27 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Larian Studios
2015-08-27 16:11 - 2015-08-27 16:11 - 00000000 ____D C:\Program Files (x86)\Larian Studios
2015-08-27 15:13 - 2015-08-27 15:03 - 08901682 _____ C:\Users\skotn_000\Desktop\Data.zip
2015-08-27 14:12 - 2015-08-27 14:21 - 961977188 _____ C:\Users\skotn_000\Downloads\Full_0.3.rar
2015-08-26 22:51 - 2015-08-26 22:51 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-26 22:50 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-26 22:50 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-25 11:13 - 2015-08-25 11:13 - 01605632 _____ C:\Users\skotn_000\Desktop\adwcleaner_5.003.exe
2015-08-24 23:03 - 2015-08-24 23:03 - 02104188 _____ C:\Users\skotn_000\Desktop\minecraft_Skyblock2.1.zip
2015-08-24 19:40 - 2015-08-24 19:41 - 00098504 _____ C:\Users\skotn_000\Desktop\LoL Summoner Information (v4.9.1) Setup.exe
2015-08-21 21:30 - 2015-08-21 21:30 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\0ad
2015-08-21 21:30 - 2015-08-21 21:30 - 00000000 ____D C:\Users\skotn_000\AppData\Local\0ad
2015-08-21 19:52 - 2015-08-21 19:52 - 00001228 _____ C:\Users\skotn_000\Desktop\Revo Uninstaller.lnk
2015-08-21 19:52 - 2015-08-21 19:52 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-21 19:41 - 2015-08-21 19:41 - 00000000 ____D C:\Users\skotn_000\AppData\Local\jwProgramy
2015-08-21 19:38 - 2015-08-21 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jwDuplFiles
2015-08-21 19:38 - 2015-08-21 19:38 - 00000000 ____D C:\Program Files (x86)\jwDuplFiles
2015-08-21 18:00 - 2015-08-21 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Whigs and Tories Beta
2015-08-19 23:11 - 2015-08-19 23:14 - 00000000 ____D C:\Users\skotn_000\AppData\Local\NVIDIA Corporation
2015-08-19 23:11 - 2015-08-19 23:12 - 00000000 ____D C:\Users\skotn_000\AppData\Local\NVIDIA
2015-08-19 23:11 - 2015-08-19 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-19 23:11 - 2015-08-18 01:30 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-19 23:11 - 2015-08-18 01:30 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-19 23:11 - 2015-08-18 01:29 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-19 23:11 - 2015-08-18 01:29 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-19 23:08 - 2015-08-19 23:08 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-19 23:08 - 2015-08-19 23:08 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-19 23:07 - 2015-08-07 06:34 - 06883448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 03492144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-19 23:07 - 2015-08-07 06:34 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-19 23:07 - 2015-08-03 12:12 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-19 22:52 - 2015-08-11 06:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-19 22:52 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00033050 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-19 22:52 - 2015-08-07 13:06 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-08-19 22:51 - 2015-08-07 13:06 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-19 22:51 - 2015-08-07 13:06 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-19 22:51 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-19 22:51 - 2015-08-07 13:06 - 03106384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-13 20:21 - 2015-08-13 20:21 - 00000954 _____ C:\Users\skotn_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-08-13 20:21 - 2015-08-13 20:21 - 00000946 _____ C:\Users\skotn_000\Desktop\osu!.lnk
2015-08-13 20:20 - 2015-08-24 19:26 - 00000000 ____D C:\Users\skotn_000\AppData\Local\osu!
2015-08-13 20:15 - 2015-08-13 20:15 - 00000516 _____ C:\Users\skotn_000\Desktop\Play cRPG.lnk
2015-08-13 20:01 - 2015-08-13 20:01 - 00041984 _____ C:\Users\skotn_000\Desktop\WSELoader.exe
2015-08-13 10:48 - 2015-08-13 10:48 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 22:35 - 2015-08-11 22:35 - 00000000 ____D C:\Users\skotn_000\AppData\Local\MusicPlayer
2015-08-06 21:16 - 2015-08-27 21:14 - 00000000 ____D C:\Users\skotn_000\Downloads\Hry
2015-08-06 21:15 - 2015-08-21 22:52 - 00000000 ____D C:\Users\skotn_000\Downloads\Audioknihy
2015-08-06 21:06 - 2015-08-22 12:36 - 00000000 ____D C:\Users\skotn_000\Downloads\Filmy
2015-08-06 21:04 - 2015-08-06 21:04 - 00010240 ___SH C:\Users\skotn_000\Downloads\Thumbs.db
2015-08-04 13:13 - 2015-08-04 13:13 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha
2015-08-04 13:09 - 2015-08-04 13:09 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2015-08-04 13:03 - 2015-08-04 13:13 - 00000000 ____D C:\Users\skotn_000\AppData\Local\0 A.D. alpha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-30 16:06 - 2015-05-24 00:44 - 00000996 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job
2015-08-30 16:04 - 2015-06-08 16:35 - 01147373 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 16:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 15:49 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-08-30 06:09 - 2015-05-24 01:33 - 00000000 ____D C:\Users\skotn_000\AppData\Local\ClassicShell
2015-08-29 22:29 - 2015-05-24 01:23 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Skype
2015-08-29 22:06 - 2015-05-24 00:44 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job
2015-08-29 22:01 - 2015-05-24 00:44 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA
2015-08-29 22:01 - 2015-05-24 00:44 - 00003570 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core
2015-08-29 21:46 - 2015-06-22 20:35 - 00000952 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job
2015-08-29 21:44 - 2015-06-06 15:17 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-29 21:01 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-29 19:50 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-29 18:49 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-29 18:33 - 2015-05-24 01:28 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-29 18:32 - 2015-05-24 20:53 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\TS3Client
2015-08-29 18:15 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-29 18:13 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-29 17:16 - 2015-05-24 00:38 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-29 16:46 - 2015-06-22 20:35 - 00000900 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job
2015-08-28 20:23 - 2015-05-24 01:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-28 19:23 - 2015-05-24 01:34 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Battle.net
2015-08-27 21:15 - 2013-07-15 21:43 - 00727488 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-27 21:15 - 2013-07-15 21:43 - 00148006 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-27 21:15 - 2012-07-26 09:28 - 01714430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-27 17:59 - 2015-06-08 16:54 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\vlc
2015-08-27 17:28 - 2015-05-24 01:31 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\uTorrent
2015-08-27 16:38 - 2015-06-09 21:06 - 00323072 ___SH C:\Users\skotn_000\Desktop\Thumbs.db
2015-08-27 16:10 - 2015-05-25 13:03 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\DAEMON Tools Lite
2015-08-26 22:52 - 2013-07-15 21:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-26 20:22 - 2015-05-24 01:29 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Overwolf
2015-08-25 19:32 - 2015-05-24 01:32 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-25 11:18 - 2015-07-02 12:08 - 00000000 ____D C:\AdwCleaner
2015-08-21 21:55 - 2015-05-24 01:16 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3338900602-571765566-1102821152-1002
2015-08-21 21:30 - 2015-05-31 11:13 - 00000000 ____D C:\Users\skotn_000\Documents\My Games
2015-08-21 20:42 - 2015-06-08 21:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-21 20:01 - 2015-05-24 01:12 - 00000000 ___RD C:\Users\skotn_000\Dropbox
2015-08-21 19:54 - 2015-06-22 20:34 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-08-21 18:26 - 2015-05-24 01:06 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Dropbox
2015-08-21 13:00 - 2015-06-01 18:41 - 00000000 ____D C:\Users\skotn_000\Documents\stronghold crusader
2015-08-20 20:11 - 2015-05-24 01:29 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-08-19 23:49 - 2015-07-11 13:08 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-08-19 23:28 - 2015-05-28 22:50 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-19 23:11 - 2013-07-15 21:07 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-19 23:11 - 2013-07-15 21:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-19 23:08 - 2013-07-15 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-19 23:07 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help
2015-08-18 20:16 - 2015-05-25 13:52 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-16 11:59 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-16 11:03 - 2015-05-24 01:22 - 00000000 ____D C:\ProgramData\Skype
2015-08-15 10:48 - 2015-05-24 17:46 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-08-15 10:48 - 2015-05-24 17:46 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-08-07 21:38 - 2015-06-13 14:42 - 00000000 ____D C:\Users\skotn_000\Documents\Telltale Games
2015-08-02 17:11 - 2015-07-06 23:58 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Spotify
2015-08-02 15:42 - 2015-07-06 23:58 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Spotify

==================== Files in the root of some directories =======

2015-05-27 21:49 - 2015-05-26 09:49 - 0000040 ____H () C:\Program Files (x86)\2e450ff3.tmp
2015-05-25 14:45 - 2015-06-22 00:00 - 0007602 _____ () C:\Users\skotn_000\AppData\Local\Resmon.ResmonCfg
2015-06-07 13:26 - 2015-06-07 13:26 - 0000000 ___SH () C:\ProgramData\.rdata

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\SysWOW64\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\skotn_000\Desktop" je 29 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(7.51 KiB) Downloaded 197 times

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Avast - Utilization

#4 Post by Márty84 »

:arrow: Uninstall Spybot, the program is outdated.


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will be displayed after a moment.
Click Edit (Úpravy) at the top and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the check finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it will also be at C:\AdwCleaner\AdwCleaner[C?].txt). Copy it here for me.


:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand, it sometimes has false detections.

Ardenlax
Visitor
Posts: 24
Joined: 29 Aug 2015 18:26

Re: Avast - Utilization

#5 Post by Ardenlax »

Spybot uninstalled.
I had scanned with MBAM before I first posted, using the standard preset scan; it found only 1 thing, a game crack, which I think should not be the cause of the problem.
I did not notice the problem today, but I assume that is because I have the Avast shields permanently turned off.

CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/08/30 20:19:39

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- TOSHIBA MQ01ABD100
- HL-DT-ST DVDRAM GT90N
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD100 : 1000,2 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD100
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD100
Firmware : AX003J
Serial Number : 63ERT1KKT
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 4968 hod.
Power On Count : 2164 krát
Temparature : 47 C (116 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 00FEh [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 0000000006CB Čas na roztočení ploten
04 100 100 __0 000000000A37 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _88 _88 __0 000000001368 Hodin v činnosti
0A 151 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000874 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000179 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000002A Počet vypnutí disku
C1 100 100 __0 000000000CA0 Počet cyklů načítání/vymazání
C2 100 100 __0 0034000F002F Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE _88 _88 __0 000000001354 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000B3 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách


AdwCleaner:

# AdwCleaner v5.004 - Logfile created 30/08/2015 at 20:14:10
# Updated 26/08/2015 by Xplode
# Database : 2015-08-30.1 [Server]
# Operating system : Windows 8 (x64)
# Username : skotn_000 - SKOTNICA
# Running from : C:\Users\skotn_000\Downloads\adwcleaner_5.004.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [865 bytes] ##########

Malwarebytes Anti-Malware:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 30. 8. 2015
Čas skenování: 20:23
Protokol: MBAM.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.30.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: skotn_000

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 875288
Uplynulý čas: 24 hod, 57 min, 29 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Avast - Utilization

#7 Post by Márty84 »

:arrow: You can uninstall MBAM.


:arrow: Post a new FRST log

and along with it

:arrow: Post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , guide here http://forum.viry.cz/viewtopic.php?f=30&t=130787

Ardenlax
Visitor
Posts: 24
Joined: 29 Aug 2015 18:26

Re: Avast - Utilization

#8 Post by Ardenlax »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by skotn_000 (administrator) on SKOTNICA (01-09-2015 11:55:28)
Running from C:\Users\skotn_000\Desktop
Loaded Profiles: skotn_000 (Available Profiles: skotn_000 & Test)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1091568 2015-03-03] (Highresolution Enterprises)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-15] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [32ndBuzzer] => C:\Program Files (x86)\32nd Regiment Buzzer\Buzzer.exe [180224 2015-01-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Google Update] => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc.)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-19] (Overwolf LTD)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Dropbox Update] => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-07-03] ()
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Spotify Web Helper] => C:\Users\skotn_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-08-31] (Spotify Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\RunOnce: [Uninstall C:\Users\skotn_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\skotn_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\skotn_000\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-29] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0B26C385-7A9D-49A9-BFFC-57EDC999C3CF}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9E42551A-0C90-4C5F-AFBB-CE61E90B5B33}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-3338900602-571765566-1102821152-1002 -> DefaultScope {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116} URL =
SearchScopes: HKU\S-1-5-21-3338900602-571765566-1102821152-1002 -> {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-05-16] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-09] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\skotn_000\AppData\Roaming\Mozilla\Firefox\Profiles\puozbh2t.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-09] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3338900602-571765566-1102821152-1002: @tools.google.com/Google Update;version=3 -> C:\Users\skotn_000\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3338900602-571765566-1102821152-1002: @tools.google.com/Google Update;version=9 -> C:\Users\skotn_000\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-24]
CHR Extension: (Google Docs) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-24]
CHR Extension: (YouTube) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-24]
CHR Extension: (OneTab) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2015-07-17]
CHR Extension: (Google Search) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (Google Sheets) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-24]
CHR Extension: (AdBlock) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-04]
CHR Extension: (LoudTronix Helper) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfpmjnfglpmofblacoponodofkdongp [2015-05-24]
CHR Extension: (Looper for YouTube) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2015-08-04]
CHR Extension: (The Great Suspender) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-07-17]
CHR Extension: (Lyrics Here by Rob W) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifkpflabnobkgbjpcmocmgcajlecbcp [2015-08-04]
CHR Extension: (Google Mail Checker) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-05-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Gmail) - C:\Users\skotn_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALG; C:\Windows\System32\alg.exe [94208 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AllUserInstallAgent; C:\Windows\system32\AUInstallAgent.dll [122368 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [37888 2012-07-26] (Microsoft Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-29] (Avast Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [112128 2012-07-26] (Microsoft Corporation) [File not signed]
R3 BITS; C:\Windows\System32\qmgr.dll [826368 2012-07-26] (Microsoft Corporation) [File not signed]
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [134144 2012-07-26] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [89088 2012-07-26] (Microsoft Corporation) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-20] (Acer Incorporated)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [149504 2012-07-26] (Microsoft Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [817152 2012-07-26] (Microsoft Corporation) [File not signed]
R2 DeviceAssociationService; C:\Windows\system32\das.dll [342016 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252928 2012-07-26] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [197120 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Eaphost; C:\Windows\System32\eapsvc.dll [105472 2012-07-26] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\system32\efssvc.dll [37376 2012-07-26] (Microsoft Corporation) [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 EventSystem; C:\Windows\system32\es.dll [507904 2012-07-26] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [394240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [669696 2012-07-26] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2012-07-26] (Microsoft Corporation) [File not signed]
R3 FDResPub; C:\Windows\system32\fdrespub.dll [33280 2012-07-26] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1366016 2012-07-26] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [36352 2012-07-26] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2012-07-26] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [97792 2012-07-26] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [394752 2012-07-26] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [304128 2012-07-26] (Microsoft Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [59904 2012-07-26] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [358912 2012-07-26] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [191488 2012-07-26] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [274944 2012-07-26] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [144384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2012-07-26] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [124416 2012-07-26] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [62976 2012-07-26] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [428544 2012-07-26] (Microsoft Corporation) [File not signed]
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [161792 2012-07-26] (Microsoft Corporation) [File not signed]
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\netlogon.dll [743936 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [255488 2012-07-26] (Microsoft Corporation) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2012-07-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1006320 2015-08-19] (Overwolf LTD)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [329728 2012-07-26] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [435712 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1379840 2012-07-26] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1421824 2012-07-26] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-06-07] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [26624 2012-07-26] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [329728 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [474624 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675200 2012-07-26] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [268800 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99840 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [358400 2012-07-26] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [107520 2012-07-26] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [81920 2012-07-26] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [159744 2012-07-26] (Microsoft Corporation) [File not signed]
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-15] (Dritek System INC.)
S3 RpcLocator; C:\Windows\system32\locator.exe [9728 2012-07-26] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [817152 2012-07-26] (Microsoft Corporation) [File not signed]
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [196608 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [149504 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [148480 2012-07-26] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2012-07-26] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [62976 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [161792 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [291328 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [249344 2012-07-26] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [438784 2012-07-26] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [565760 2012-07-26] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [506368 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2012-07-26] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [769024 2012-07-26] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [266240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [81920 2012-07-26] (Microsoft Corporation) [File not signed]
S2 stisvc; C:\Windows\System32\wiaservc.dll [570880 2012-07-26] (Microsoft Corporation) [File not signed]
S3 StorSvc; C:\Windows\system32\storsvc.dll [20992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) [File not signed]
S3 svsvc; C:\Windows\system32\svsvc.dll [12800 2012-07-26] (Microsoft Corporation) [File not signed]
R3 swprv; C:\Windows\System32\swprv.dll [502784 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [84480 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [305664 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [245760 2012-07-26] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [47104 2012-07-26] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2012-07-26] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2012-07-26] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [250880 2012-07-26] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [520704 2012-07-26] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [409600 2012-07-26] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [283648 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [358400 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1616896 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [335872 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [109568 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [96768 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [109568 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [96768 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [218112 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [65536 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [219648 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [198144 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [11776 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wuauserv; C:\Windows\system32\wuaueng.dll [3286016 2014-11-15] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [226304 2012-07-26] (Microsoft Corporation) [File not signed]
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2012-07-26] (Microsoft Corporation) [File not signed]
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2012-07-26] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [79360 2012-07-26] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-29] (AVAST Software)
S3 AsyncMac; C:\Windows\system32\DRIVERS\asyncmac.sys [26624 2012-07-26] (Microsoft Corporation) [File not signed]
R3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3747840 2013-01-21] (Qualcomm Atheros Communications, Inc.) [File not signed]
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [48640 2012-07-26] (Microsoft Corporation) [File not signed]
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [29696 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [101888 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [51200 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [65536 2012-07-26] (Microsoft Corporation) [File not signed]
S3 BthPan; C:\Windows\system32\DRIVERS\bthpan.sys [119808 2012-07-26] (Microsoft Corporation) [File not signed]
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [108544 2012-07-26] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [174080 2012-07-26] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\System32\drivers\circlass.sys [45056 2012-07-26] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25600 2012-07-26] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2012-07-26] (Microsoft Corporation) [File not signed]
R3 condrv; C:\Windows\System32\drivers\condrv.sys [33792 2012-07-26] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [50688 2012-07-26] (Microsoft Corporation) [File not signed]
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [33280 2012-07-26] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-05-25] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-04-21] (Broadcom Corporation)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2012-07-26] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [194560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2012-07-26] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [24576 2012-07-26] (Microsoft Corporation) [File not signed]
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [12288 2012-07-26] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [27136 2012-07-26] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46080 2012-07-26] (Microsoft Corporation) [File not signed]
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [11776 2012-07-26] (Microsoft Corporation) [File not signed]
S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [24576 2012-07-26] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [5343584 2012-10-23] (Intel Corporation) [File not signed]
R3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Intel(R) Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [89088 2012-07-26] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [145920 2012-07-26] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2012-07-26] (Microsoft Corporation) [File not signed]
R3 k57nd60a; C:\Windows\system32\DRIVERS\k57nd60a.sys [425472 2012-06-02] (Broadcom Corporation) [File not signed]
R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [18432 2012-07-26] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21376 2012-07-26] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [60416 2012-07-26] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [134144 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2012-07-26] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [279552 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [129536 2012-07-26] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2012-07-26] (Microsoft Corporation) [File not signed]
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [10752 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [11008 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [68608 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7168 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6912 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [8192 2012-07-26] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [14848 2012-07-26] (Microsoft Corporation) [File not signed]
R2 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [427520 2012-07-26] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [46592 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [58880 2012-07-26] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-26] (Microsoft Corporation) [File not signed]
S3 NDISWANLEGACY; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-26] (Microsoft Corporation) [File not signed]
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [97792 2012-07-26] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [46080 2012-07-26] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [331776 2012-07-26] (Microsoft Corporation) [File not signed]
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-29] (AVAST Software)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [49152 2012-07-26] (Microsoft Corporation) [File not signed]
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23552 2012-07-26] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [34304 2012-07-26] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2012-07-26] (Microsoft Corporation) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [105984 2012-07-26] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [805376 2013-04-09] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\system32\DRIVERS\raspptp.sys [114176 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-15] (Dritek System Inc.)
R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [145408 2012-07-26] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [16384 2012-07-26] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\system32\DRIVERS\AgileVpn.sys [68608 2012-07-26] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\system32\DRIVERS\rasl2tp.sys [124928 2012-07-26] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [81920 2012-07-26] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\system32\DRIVERS\rassstp.sys [92672 2012-07-26] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2012-07-26] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [179712 2012-07-26] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [78848 2012-07-26] (Microsoft Corporation) [File not signed]
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2012-07-26] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [36864 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [62976 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\System32\drivers\serial.sys [76800 2012-07-26] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [16896 2012-07-26] (Microsoft Corporation) [File not signed]
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [59392 2012-07-26] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [416768 2012-07-26] (Microsoft Corporation) [File not signed]
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2012-07-26] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [117248 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57344 2012-07-26] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [30208 2012-07-26] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [149504 2012-07-26] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\drivers\umbus.sys [48128 2012-07-26] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2012-07-26] (Microsoft Corporation) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-29] (Avast Software)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [22144 2012-07-26] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24064 2012-07-26] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\system32\DRIVERS\vwififlt.sys [64000 2012-07-26] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\system32\DRIVERS\vwifimp.sys [17920 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [27008 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WinUSB; C:\Windows\system32\DRIVERS\WinUSB.sys [57344 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [17408 2012-07-26] (Microsoft Corporation) [File not signed]
S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [45056 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [19968 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 11:55 - 2015-09-01 11:55 - 00047995 _____ C:\Users\skotn_000\Desktop\FRST.txt
2015-09-01 11:55 - 2015-09-01 11:55 - 00029696 _____ C:\Users\skotn_000\AppData\Local\MSGBOX.EXE
2015-09-01 11:55 - 2015-09-01 11:55 - 00015327 _____ C:\Users\skotn_000\Desktop\LM.bat
2015-09-01 11:51 - 2015-09-01 11:53 - 00000000 ____D C:\rsit
2015-09-01 11:51 - 2015-09-01 11:51 - 00000000 ____D C:\Program Files\trend micro
2015-09-01 11:50 - 2015-09-01 11:50 - 01222144 _____ C:\Users\skotn_000\Downloads\RSITx64 (1).exe
2015-09-01 11:49 - 2015-09-01 11:54 - 00000000 ____D C:\Users\skotn_000\Desktop\FRST-OlderVersion
2015-09-01 11:46 - 2015-09-01 11:46 - 01222144 _____ C:\Users\skotn_000\Downloads\RSITx64.exe
2015-08-30 20:10 - 2015-08-30 20:10 - 00000000 ____D C:\Users\skotn_000\Desktop\Smart
2015-08-30 20:09 - 2015-08-30 20:19 - 00000240 _____ C:\Users\skotn_000\Desktop\DiskInfo.ini
2015-08-30 20:09 - 2012-06-15 14:08 - 01149912 _____ (Crystal Dew World) C:\Users\skotn_000\Desktop\DiskInfo.exe
2015-08-30 20:09 - 2012-05-27 20:28 - 00000000 ____D C:\Users\skotn_000\Desktop\CdiResource
2015-08-30 20:08 - 2015-08-30 20:08 - 00000085 _____ C:\WINDOWS\wininit.ini
2015-08-30 20:02 - 2015-08-30 20:02 - 01618432 _____ C:\Users\skotn_000\Downloads\adwcleaner_5.004.exe
2015-08-30 20:00 - 2015-08-30 20:00 - 01496172 _____ C:\Users\skotn_000\Downloads\CrystalDiskInfo5_0_0.zip
2015-08-30 17:55 - 2015-08-30 17:55 - 00000000 ____D C:\ProgramData\SkidRow
2015-08-30 17:41 - 2015-08-30 17:41 - 00001812 _____ C:\Users\Public\Desktop\Mount and Blade Warband - Viking Conquest Reforged Edition.lnk
2015-08-30 17:41 - 2015-08-30 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TaleWorlds Entertainment
2015-08-30 17:31 - 2015-08-30 17:55 - 00000000 ____D C:\Program Files (x86)\TaleWorlds Entertainment
2015-08-30 16:47 - 2015-08-30 17:03 - 00000000 ____D C:\Users\skotn_000\Downloads\Mount.and.Blade.Warband.Viking.Conquest.Reforged.Edition-SKIDROW
2015-08-30 16:46 - 2015-08-30 16:46 - 00055030 _____ C:\Users\skotn_000\Downloads\Mount.and.Blade.Warband.Viking.Conquest.Reforged.Edition-SKIDROW-[rarbg.com].torrent
2015-08-30 16:05 - 2015-09-01 11:55 - 00000000 ____D C:\FRST
2015-08-30 16:02 - 2015-08-30 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\skotn_000\Desktop\FRSTLauncher.exe
2015-08-30 15:52 - 2015-09-01 11:49 - 02188800 _____ (Farbar) C:\Users\skotn_000\Desktop\FRST64.exe
2015-08-29 21:39 - 2015-08-29 21:39 - 00001926 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-29 21:39 - 2015-08-29 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-29 21:38 - 2015-08-30 20:17 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-29 21:38 - 2015-08-29 21:38 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-29 21:38 - 2015-08-29 21:38 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-29 21:38 - 2015-08-29 21:38 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-29 21:38 - 2015-08-29 21:38 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-29 21:36 - 2015-08-29 21:36 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-29 18:45 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-08-29 18:14 - 2015-09-01 06:01 - 00515048 _____ C:\WINDOWS\PFRO.log
2015-08-29 18:11 - 2015-08-29 18:12 - 115845912 _____ (AVG Technologies) C:\Users\skotn_000\Downloads\avg_tuh_stf_all_2015_638_24c43.exe
2015-08-29 17:52 - 2015-08-29 17:52 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\TuneUp Software
2015-08-29 17:48 - 2015-08-30 20:15 - 00000000 ____D C:\ProgramData\MFAData
2015-08-29 17:48 - 2015-08-29 17:48 - 00000000 ____D C:\Users\skotn_000\AppData\Local\MFAData
2015-08-29 17:47 - 2015-08-29 21:34 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-29 17:47 - 2015-08-29 17:47 - 00000034 _____ C:\WINDOWS\AvastEmUpdate.ini
2015-08-29 17:47 - 2015-08-29 17:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-08-29 17:41 - 2015-08-29 17:41 - 05053040 _____ (AVG Technologies) C:\Users\skotn_000\Downloads\avg_free_stb_all_2015_ltst_612.exe
2015-08-29 17:23 - 2015-08-29 17:23 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\AVAST Software
2015-08-29 17:21 - 2015-08-29 17:26 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-08-29 17:21 - 2015-08-29 17:26 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-08-29 17:15 - 2015-08-29 17:15 - 05500000 _____ (Avast Software s.r.o.) C:\Users\skotn_000\Downloads\avast_free_antivirus_setup_online.exe
2015-08-27 17:05 - 2015-08-27 17:27 - 00000000 ____D C:\Users\skotn_000\Downloads\Fable III (CZ) (2011) - t2k9
2015-08-27 17:01 - 2015-08-27 17:03 - 00000000 ____D C:\Users\skotn_000\Downloads\STAR_WARS_KOTOR_1+2_SCORE
2015-08-27 16:40 - 2015-08-27 16:40 - 00000000 ____D C:\Users\skotn_000\Documents\Larian Studios
2015-08-27 16:38 - 2015-08-27 16:38 - 00001368 _____ C:\Users\Public\Desktop\Divinity - Original Sin.lnk
2015-08-27 16:38 - 2015-08-27 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Larian Studios
2015-08-27 16:11 - 2015-08-27 16:11 - 00000000 ____D C:\Program Files (x86)\Larian Studios
2015-08-27 15:13 - 2015-08-27 15:03 - 08901682 _____ C:\Users\skotn_000\Desktop\Data.zip
2015-08-27 14:12 - 2015-08-27 14:21 - 961977188 _____ C:\Users\skotn_000\Downloads\Full_0.3.rar
2015-08-26 22:51 - 2015-08-26 22:51 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-26 22:50 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-26 22:50 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-25 11:13 - 2015-08-25 11:13 - 01605632 _____ C:\Users\skotn_000\Desktop\adwcleaner_5.003.exe
2015-08-24 23:03 - 2015-08-24 23:03 - 02104188 _____ C:\Users\skotn_000\Desktop\minecraft_Skyblock2.1.zip
2015-08-24 19:40 - 2015-08-24 19:41 - 00098504 _____ C:\Users\skotn_000\Desktop\LoL Summoner Information (v4.9.1) Setup.exe
2015-08-21 21:30 - 2015-08-21 21:30 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\0ad
2015-08-21 21:30 - 2015-08-21 21:30 - 00000000 ____D C:\Users\skotn_000\AppData\Local\0ad
2015-08-21 19:52 - 2015-08-21 19:52 - 00001228 _____ C:\Users\skotn_000\Desktop\Revo Uninstaller.lnk
2015-08-21 19:52 - 2015-08-21 19:52 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-21 19:41 - 2015-08-21 19:41 - 00000000 ____D C:\Users\skotn_000\AppData\Local\jwProgramy
2015-08-21 18:00 - 2015-08-21 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Whigs and Tories Beta
2015-08-19 23:11 - 2015-08-19 23:14 - 00000000 ____D C:\Users\skotn_000\AppData\Local\NVIDIA Corporation
2015-08-19 23:11 - 2015-08-19 23:12 - 00000000 ____D C:\Users\skotn_000\AppData\Local\NVIDIA
2015-08-19 23:11 - 2015-08-19 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-19 23:11 - 2015-08-18 01:30 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-19 23:11 - 2015-08-18 01:30 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-19 23:11 - 2015-08-18 01:29 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-19 23:11 - 2015-08-18 01:29 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-19 23:08 - 2015-08-19 23:08 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-19 23:08 - 2015-08-19 23:08 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-19 23:07 - 2015-08-07 06:34 - 06883448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 03492144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-19 23:07 - 2015-08-07 06:34 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-19 23:07 - 2015-08-07 06:34 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-19 23:07 - 2015-08-03 12:12 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-19 22:52 - 2015-08-11 06:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-19 22:52 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-19 22:52 - 2015-08-07 13:06 - 00033050 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-19 22:52 - 2015-08-07 13:06 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-08-19 22:51 - 2015-08-07 13:06 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-19 22:51 - 2015-08-07 13:06 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-19 22:51 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-19 22:51 - 2015-08-07 13:06 - 03106384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-13 20:21 - 2015-08-13 20:21 - 00000954 _____ C:\Users\skotn_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-08-13 20:21 - 2015-08-13 20:21 - 00000946 _____ C:\Users\skotn_000\Desktop\osu!.lnk
2015-08-13 20:20 - 2015-08-24 19:26 - 00000000 ____D C:\Users\skotn_000\AppData\Local\osu!
2015-08-13 20:15 - 2015-08-13 20:15 - 00000516 _____ C:\Users\skotn_000\Desktop\Play cRPG.lnk
2015-08-13 20:01 - 2015-08-13 20:01 - 00041984 _____ C:\Users\skotn_000\Desktop\WSELoader.exe
2015-08-13 10:48 - 2015-08-13 10:48 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 22:35 - 2015-08-11 22:35 - 00000000 ____D C:\Users\skotn_000\AppData\Local\MusicPlayer
2015-08-06 21:16 - 2015-08-27 21:14 - 00000000 ____D C:\Users\skotn_000\Downloads\Hry
2015-08-06 21:15 - 2015-08-21 22:52 - 00000000 ____D C:\Users\skotn_000\Downloads\Audioknihy
2015-08-06 21:06 - 2015-08-22 12:36 - 00000000 ____D C:\Users\skotn_000\Downloads\Filmy
2015-08-06 21:04 - 2015-08-06 21:04 - 00010240 ___SH C:\Users\skotn_000\Downloads\Thumbs.db
2015-08-04 13:13 - 2015-08-04 13:13 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha
2015-08-04 13:09 - 2015-08-04 13:09 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2015-08-04 13:03 - 2015-08-04 13:13 - 00000000 ____D C:\Users\skotn_000\AppData\Local\0 A.D. alpha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 11:46 - 2015-06-22 20:35 - 00000952 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job
2015-09-01 11:46 - 2015-05-24 01:33 - 00000000 ____D C:\Users\skotn_000\AppData\Local\ClassicShell
2015-09-01 11:40 - 2015-05-24 01:34 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Battle.net
2015-09-01 11:33 - 2015-05-24 01:23 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Skype
2015-09-01 11:28 - 2015-05-24 01:28 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-01 11:19 - 2015-06-08 16:35 - 01741173 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-01 11:09 - 2015-05-24 01:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-01 11:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-01 06:15 - 2015-05-24 01:16 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3338900602-571765566-1102821152-1002
2015-09-01 06:06 - 2015-05-24 00:44 - 00000996 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job
2015-09-01 06:02 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-31 22:06 - 2015-05-24 00:44 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job
2015-08-31 17:26 - 2015-05-24 20:53 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\TS3Client
2015-08-31 17:12 - 2015-07-01 20:39 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2015-08-31 16:46 - 2015-06-22 20:35 - 00000900 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job
2015-08-31 16:08 - 2015-07-06 23:58 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Spotify
2015-08-31 15:45 - 2015-07-06 23:58 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Spotify
2015-08-31 13:33 - 2015-05-24 01:32 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-31 12:17 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-08-30 20:15 - 2015-06-27 11:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-30 20:14 - 2015-07-02 12:08 - 00000000 ____D C:\AdwCleaner
2015-08-30 20:14 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-30 20:08 - 2015-06-27 11:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-30 18:41 - 2015-06-27 13:49 - 00000000 ____D C:\Program Files (x86)\Skyrim
2015-08-30 17:25 - 2015-05-24 01:31 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\uTorrent
2015-08-30 16:10 - 2015-06-09 21:06 - 00323072 ___SH C:\Users\skotn_000\Desktop\Thumbs.db
2015-08-29 22:01 - 2015-05-24 00:44 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA
2015-08-29 22:01 - 2015-05-24 00:44 - 00003570 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core
2015-08-29 21:44 - 2015-06-06 15:17 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-29 21:01 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-29 19:50 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-29 18:49 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-29 17:16 - 2015-05-24 00:38 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-27 21:15 - 2013-07-15 21:43 - 00727488 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-27 21:15 - 2013-07-15 21:43 - 00148006 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-27 21:15 - 2012-07-26 09:28 - 01714430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-27 17:59 - 2015-06-08 16:54 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\vlc
2015-08-27 16:10 - 2015-05-25 13:03 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\DAEMON Tools Lite
2015-08-26 22:52 - 2013-07-15 21:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-26 20:22 - 2015-05-24 01:29 - 00000000 ____D C:\Users\skotn_000\AppData\Local\Overwolf
2015-08-21 21:30 - 2015-05-31 11:13 - 00000000 ____D C:\Users\skotn_000\Documents\My Games
2015-08-21 20:42 - 2015-06-08 21:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-21 20:01 - 2015-05-24 01:12 - 00000000 ___RD C:\Users\skotn_000\Dropbox
2015-08-21 19:54 - 2015-06-22 20:34 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-08-21 18:26 - 2015-05-24 01:06 - 00000000 ____D C:\Users\skotn_000\AppData\Roaming\Dropbox
2015-08-21 13:00 - 2015-06-01 18:41 - 00000000 ____D C:\Users\skotn_000\Documents\stronghold crusader
2015-08-20 20:11 - 2015-05-24 01:29 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-08-19 23:49 - 2015-07-11 13:08 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-08-19 23:28 - 2015-05-28 22:50 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-19 23:11 - 2013-07-15 21:07 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-19 23:11 - 2013-07-15 21:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-19 23:08 - 2013-07-15 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-19 23:07 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help
2015-08-18 20:16 - 2015-05-25 13:52 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-16 11:59 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-16 11:03 - 2015-05-24 01:22 - 00000000 ____D C:\ProgramData\Skype
2015-08-15 10:48 - 2015-05-24 17:46 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-08-15 10:48 - 2015-05-24 17:46 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-08-07 21:38 - 2015-06-13 14:42 - 00000000 ____D C:\Users\skotn_000\Documents\Telltale Games

==================== Files in the root of some directories =======

2015-05-27 21:49 - 2015-05-26 09:49 - 0000040 ____H () C:\Program Files (x86)\2e450ff3.tmp
2015-09-01 11:55 - 2015-09-01 11:55 - 0029696 _____ () C:\Users\skotn_000\AppData\Local\MSGBOX.EXE
2015-05-25 14:45 - 2015-06-22 00:00 - 0007602 _____ () C:\Users\skotn_000\AppData\Local\Resmon.ResmonCfg
2015-06-07 13:26 - 2015-06-07 13:26 - 0000000 ___SH () C:\ProgramData\.rdata

Some files in TEMP:
====================
C:\Users\skotn_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgqbsod.dll
C:\Users\skotn_000\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\SysWOW64\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-26 11:02

==================== End of FRST.txt ============================
Attachments
Addition.rar
(14.98 KiB) Downloaded 191 times

Ardenlax
Visitor
Posts: 24
Registered: 29 Aug 2015 18:26

Re: Avast - Load

#9 Post by Ardenlax »

Logfile of random's system information tool 1.10 (written by random/random)
Run by skotn_000 at 2015-09-01 11:59:03
Microsoft Windows 8
System drive C: has 105 GB (18%) free of 586 GB
Total RAM: 3911 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:18, on 1. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17267)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\skotn_000.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [32ndBuzzer] "C:\Program Files (x86)\32nd Regiment Buzzer\Buzzer.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\skotn_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\skotn_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\skotn_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll, C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12277 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
dashost.exe {2c362094-b65b-4b0b-ba66cefed0ea89d2}
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\Windows\RfBtnSvc64.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
taskhostex.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
ClassicStartMenu.exe -startup
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1352.0.1446199317\1699449308" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.2.1420062516\1921502147" --font-cache-shared-handle=3088 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.3.1570422407\6487561" --font-cache-shared-handle=3228 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.6.1862416610\1482670607" --font-cache-shared-handle=2656 /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 138602b6-03c4-4ec8-b770-965b402ac125
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Skype\Phone\Skype.exe"

"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\skotn_000\AppData\Local\Steam\htmlcache" -steampid 2564 -buildid 1440016726 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4212 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="4212.0.626856309\1524731986" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4212 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="4212.2.112948381\1869429468" /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.41.1432275979\169734333" --font-cache-shared-handle=6432 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.44.1608753850\2008191268" --font-cache-shared-handle=7824 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.45.87482630\102184188" --font-cache-shared-handle=8984 /prefetch:673131151
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.49.116524472\874557330" --font-cache-shared-handle=8684 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.51.1173888435\1516404174" --font-cache-shared-handle=9364 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="1352.52.408727088\161287216" --font-cache-shared-handle=2832 /prefetch:673131151
"C:\Users\skotn_000\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1352.53.130932449\1107506478" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\skotn_000\Downloads\RSITx64 (1).exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job - C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job - C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job - C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job - C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\skotn_000\AppData\Roaming\Mozilla\Firefox\Profiles\puozbh2t.default

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16 810768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-05-16 488208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16 688912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16 444688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16 810768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16 688912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-20 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-05-16 164112]
"XMouseButtonControl"=C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [2015-03-03 1091568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2634872]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-08-18 1710568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-24 107848]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2015-08-19 41200]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 4471536]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"Dropbox Update"=C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22 134512]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-07-03 1092296]
"Spotify Web Helper"=C:\Users\skotn_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-31 2017848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\skotn_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\WINDOWS\system32\cmd.exe [2012-07-26 404992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-07-15 111216]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-08-15 2994880]
"32ndBuzzer"=C:\Program Files (x86)\32nd Regiment Buzzer\Buzzer.exe [2015-01-17 180224]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-29 6111824]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-01 11:51:07 ----D---- C:\rsit
2015-09-01 11:51:07 ----D---- C:\Program Files\trend micro
2015-08-30 20:08:20 ----A---- C:\WINDOWS\wininit.ini
2015-08-30 17:55:47 ----D---- C:\ProgramData\SkidRow
2015-08-30 17:31:58 ----D---- C:\Program Files (x86)\TaleWorlds Entertainment
2015-08-30 16:05:30 ----D---- C:\FRST
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\ngvss.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-08-29 21:38:28 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-08-29 21:38:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-08-29 21:38:13 ----A---- C:\WINDOWS\avastSS.scr
2015-08-29 21:36:22 ----D---- C:\Program Files\AVAST Software
2015-08-29 21:00:51 ----SHD---- C:\Config.Msi
2015-08-29 18:45:16 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-08-29 17:52:54 ----D---- C:\Users\skotn_000\AppData\Roaming\TuneUp Software
2015-08-29 17:48:52 ----HD---- C:\ProgramData\Common Files
2015-08-29 17:48:52 ----D---- C:\ProgramData\MFAData
2015-08-29 17:47:41 ----D---- C:\Program Files\Common Files\AV
2015-08-29 17:47:39 ----A---- C:\WINDOWS\AvastEmUpdate.ini
2015-08-29 17:47:24 ----D---- C:\WINDOWS\system32\Logs
2015-08-29 17:23:06 ----D---- C:\Users\skotn_000\AppData\Roaming\AVAST Software
2015-08-29 17:21:48 ----D---- C:\WINDOWS\SYSWOW64\vbox
2015-08-29 17:21:48 ----D---- C:\WINDOWS\system32\vbox
2015-08-27 16:11:37 ----D---- C:\Program Files (x86)\Larian Studios
2015-08-26 22:50:51 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2015-08-26 22:50:50 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-08-21 21:30:07 ----D---- C:\Users\skotn_000\AppData\Roaming\0ad
2015-08-21 19:52:05 ----D---- C:\Program Files (x86)\VS Revo Group
2015-08-19 23:11:30 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-08-19 23:11:30 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-08-19 23:11:30 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-08-19 23:11:30 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2015-08-19 23:08:29 ----D---- C:\WINDOWS\SYSWOW64\NV
2015-08-19 23:08:29 ----D---- C:\WINDOWS\system32\NV
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-19 23:07:47 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2015-08-19 22:52:51 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2015-08-19 22:52:43 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-08-19 22:52:43 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-19 22:52:43 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2015-08-19 22:52:42 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2015-08-19 22:52:42 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2015-08-19 22:52:41 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-08-19 22:52:40 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-08-19 22:52:39 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-08-19 22:52:38 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-08-19 22:52:38 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-08-19 22:52:38 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-08-19 22:52:37 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-08-19 22:52:36 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2015-08-19 22:52:36 ----A---- C:\WINDOWS\system32\nvinitx.dll
2015-08-19 22:52:35 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-08-19 22:52:34 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-08-19 22:52:33 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-08-19 22:52:30 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-08-19 22:52:27 ----A---- C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-19 22:52:25 ----A---- C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-19 22:52:21 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-08-19 22:52:19 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2015-08-19 22:52:19 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-08-19 22:52:18 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-08-19 22:52:18 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-08-19 22:52:17 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-08-19 22:51:43 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-08-19 22:51:43 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-08-19 22:51:43 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-08-19 22:51:43 ----A---- C:\WINDOWS\system32\nvapi64.dll
2015-08-04 13:09:16 ----D---- C:\Program Files (x86)\Microsoft XNA

======List of files/folders modified in the last 1 month======

2015-09-01 11:56:18 ----D---- C:\Windows
2015-09-01 11:51:07 ----RD---- C:\Program Files
2015-09-01 11:47:52 ----D---- C:\WINDOWS\system32\Drivers
2015-09-01 11:47:52 ----D---- C:\Program Files (x86)
2015-09-01 11:38:52 ----D---- C:\WINDOWS\Temp
2015-09-01 11:33:38 ----D---- C:\Users\skotn_000\AppData\Roaming\Skype
2015-09-01 11:28:14 ----D---- C:\Program Files (x86)\Steam
2015-09-01 11:09:10 ----D---- C:\Program Files (x86)\Battle.net
2015-09-01 11:09:08 ----D---- C:\WINDOWS\system32\sru
2015-09-01 06:04:59 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-31 17:26:56 ----D---- C:\Users\skotn_000\AppData\Roaming\TS3Client
2015-08-31 17:12:41 ----D---- C:\Program Files (x86)\Warcraft III
2015-08-31 15:45:43 ----D---- C:\Users\skotn_000\AppData\Roaming\Spotify
2015-08-31 13:33:07 ----D---- C:\Program Files (x86)\Overwolf
2015-08-31 12:17:04 ----D---- C:\WINDOWS\AUInstallAgent
2015-08-31 12:14:43 ----HD---- C:\Program Files\WindowsApps
2015-08-30 20:15:18 ----HD---- C:\ProgramData
2015-08-30 20:15:18 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-30 20:14:10 ----D---- C:\AdwCleaner
2015-08-30 20:09:24 ----D---- C:\WINDOWS\Inf
2015-08-30 20:08:27 ----D---- C:\WINDOWS\System32
2015-08-30 20:08:27 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-08-30 20:08:26 ----SD---- C:\ProgramData\Microsoft
2015-08-30 18:41:27 ----D---- C:\Program Files (x86)\Skyrim
2015-08-30 17:25:28 ----D---- C:\Users\skotn_000\AppData\Roaming\uTorrent
2015-08-30 17:08:22 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-30 15:49:51 ----D---- C:\WINDOWS\system32\config
2015-08-29 22:01:47 ----D---- C:\WINDOWS\Tasks
2015-08-29 21:40:41 ----SHD---- C:\System Volume Information
2015-08-29 21:38:52 ----D---- C:\WINDOWS\system32\Tasks
2015-08-29 21:02:02 ----SHD---- C:\WINDOWS\Installer
2015-08-29 21:01:38 ----HD---- C:\WINDOWS\ELAMBKUP
2015-08-29 19:50:30 ----D---- C:\WINDOWS\CbsTemp
2015-08-29 19:46:11 ----D---- C:\WINDOWS\WinSxS
2015-08-29 18:20:22 ----D---- C:\WINDOWS\system32\catroot2
2015-08-29 17:49:11 ----D---- C:\WINDOWS\system32\catroot
2015-08-29 17:47:41 ----D---- C:\Program Files\Common Files
2015-08-29 17:47:41 ----D---- C:\Program Files (x86)\Common Files
2015-08-29 17:21:48 ----D---- C:\WINDOWS\SysWOW64
2015-08-29 17:16:03 ----D---- C:\ProgramData\AVAST Software
2015-08-27 21:15:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-27 17:59:02 ----D---- C:\Users\skotn_000\AppData\Roaming\vlc
2015-08-27 16:10:12 ----D---- C:\Users\skotn_000\AppData\Roaming\DAEMON Tools Lite
2015-08-26 22:52:32 ----D---- C:\ProgramData\NVIDIA Corporation
2015-08-26 22:51:34 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-26 11:03:54 ----RSD---- C:\WINDOWS\assembly
2015-08-21 20:44:47 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-08-21 20:42:10 ----D---- C:\Program Files\Microsoft Office 15
2015-08-21 19:54:14 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-08-21 18:26:20 ----D---- C:\Users\skotn_000\AppData\Roaming\Dropbox
2015-08-20 20:11:30 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-08-20 08:30:49 ----D---- C:\WINDOWS\SoftwareDistribution
2015-08-19 23:49:25 ----D---- C:\Program Files (x86)\World of Warcraft
2015-08-19 23:28:16 ----D---- C:\WINDOWS\Minidump
2015-08-19 23:28:16 ----D---- C:\WINDOWS\Logs
2015-08-19 23:11:29 ----D---- C:\Program Files\NVIDIA Corporation
2015-08-19 23:11:29 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-08-19 23:08:20 ----D---- C:\ProgramData\NVIDIA
2015-08-19 23:07:42 ----D---- C:\WINDOWS\Help
2015-08-19 22:55:51 ----RD---- C:\Users
2015-08-18 20:16:49 ----D---- C:\Program Files (x86)\Hearthstone
2015-08-16 11:59:15 ----D---- C:\WINDOWS\LiveKernelReports
2015-08-16 11:03:25 ----D---- C:\ProgramData\Skype
2015-08-15 10:48:36 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2015-08-15 10:48:34 ----A---- C:\WINDOWS\system32\Robocopy.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-08-29 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-08-29 274808]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2015-08-29 115152]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-08-07 31352]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-08-29 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-08-29 1048344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-08-29 447944]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-08-29 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-08-29 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-08-29 150672]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-08-29 273824]
R3 athr;@oem18.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-01-21 3747840]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 BTATH_BUS;@oem13.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-01-25 34384]
R3 dtlitescsibus;@oem20.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-05-25 30264]
R3 ETD;@oem11.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-11-20 331152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-07 11076216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-18 19576]
R3 nvvad_WaveExtensible;@oem34.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 Ps2Kb2Hid;@oem10.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-07-15 26736]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-01-25 179432]
S3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-01-25 136424]
S3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-01-25 581200]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-04-21 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2013-04-21 74752]
S3 dg_ssudbus;@oem28.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2013-03-01 156672]
S3 ssudmdm;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;@oem31.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-29 146600]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-20 2615368]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-07-14 2765496]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-10 350544]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-11-20 100752]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 1155192]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-08-15 3943104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-18 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-06-07 76152]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-07-15 96880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-08-29 4047768]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-03-16 662088]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1272560]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-01 148136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-19 1006320]

-----------------EOF-----------------

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Avast - Load

#10 Post by Márty84 »

:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Google Update] => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc.)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\...\Run: [Dropbox Update] => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-3338900602-571765566-1102821152-1002 -> DefaultScope {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116} URL =
SearchScopes: HKU\S-1-5-21-3338900602-571765566-1102821152-1002 -> {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116} URL =

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>

2015-08-30 20:15 - 2015-06-27 11:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-30 20:08 - 2015-06-27 11:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job => C:\Users\skotn_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002Core.job => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338900602-571765566-1102821152-1002UA.job => C:\Users\skotn_000\AppData\Local\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, exactly as written and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Ardenlax
Visitor
Visitor
Posts: 24
Joined: 29 Aug 2015 18:26

Re: Avast - Load

#11 Post by Ardenlax »

I did what you said. The computer shut down, and on restart it threw a blue screen with a frowning smiley and a message that the computer could not be started, with the error CRITICAL_SERVICE_FAILURE. I restarted again and it did the same thing. After the third time, a system restore to an earlier state kicked in, and from that state the computer is usable. I don't know what happened, but it scared me quite a bit... I hope you know what you're doing...

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Avast - Load

#12 Post by Márty84 »

I know quite well what I'm doing, but that computer evidently has some problem. I didn't delete or disable anything essential, just routine things, the same as for hundreds of others :?:

Since I don't know how far back the system was rolled, how is the PC working now? And what about Avast? Is everything the same?

Ardenlax
Visitor
Visitor
Posts: 24
Joined: 29 Aug 2015 18:26

Re: Avast - Load

#13 Post by Ardenlax »

I didn't mean to offend you, I was just a little frightened by the situation; I meant nothing bad by it. So far everything is running as it should and I haven't noticed the problem; I'll see how it is after a restart.

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Avast - Load

#14 Post by Márty84 »

No worries, I wasn't offended :-) I just wanted to assure you that the steps I took are verified, tested, and in no way dangerous to the PC.

So test the computer thoroughly and let me know. We'll proceed according to its condition.

Ardenlax
Visitor
Visitor
Posts: 24
Joined: 29 Aug 2015 18:26

Re: Avast - Load

#15 Post by Ardenlax »

Nothing for a few hours, then it kicked in again: Service Host: Local System (16) is eating RAM, System is eating the disk.

Locked