PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Please check, thank you.

3rw0sh
Visitor
Posts: 90
Registered: 26 Jun 2012 16:53

#1 Post by 3rw0sh »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2017
Ran by h0n7a (administrator) on PC-I5 (18-11-2017 20:43:56)
Running from C:\Users\h0n7a\Downloads
Loaded Profiles: h0n7a (Available Profiles: h0n7a)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(EVGA Corp.) C:\Program Files (x86)\EVGA\Precision XOC\PrecisionX_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [GoPro Tray App] => D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-26] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26102968 2017-10-12] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKU\S-1-5-21-396693443-811109266-3812187763-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-396693443-811109266-3812187763-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-396693443-811109266-3812187763-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [638464 2017-08-23] (TomTom)
Startup: C:\Users\h0n7a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SQLServer.lnk [2017-11-17]
ShortcutTarget: SQLServer.lnk -> C:\CENTURA\dbnt1sv.exe (No File)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17ECCBA6-4837-463F-AFC0-FA956A81BADF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{453CDEAA-0A7C-4DD2-BC06-6C7A16468CEB}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-396693443-811109266-3812187763-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://adisepo.mfcr.cz/adistc/adis/idpr_epo/epo2/uvod/vstup.faces
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\h0n7a\AppData\Roaming\Mozilla\Firefox\Profiles\Hg9VKxZE.default [2017-02-10]
FF Extension: (Avira Browser Safety) - C:\Users\h0n7a\AppData\Roaming\Mozilla\Firefox\Profiles\Hg9VKxZE.default\Extensions\abs@avira.com [2017-02-10]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default [2017-11-18]
CHR Extension: (Prezentace) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-10]
CHR Extension: (Web Developer) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-02]
CHR Extension: (James White) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-02-10]
CHR Extension: (YouTube) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-10]
CHR Extension: (Tabulky) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-10]
CHR Extension: (AdBlock) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-16]
CHR Extension: (FormApps Extension) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-17]
CHR Extension: (Mapy Google) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-10]
CHR Extension: (AirMirror) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2017-06-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17]
CHR Profile: C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-17]
CHR Extension: (Prezentace) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-25]
CHR Extension: (Dokumenty) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-12]
CHR Extension: (YouTube) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-12]
CHR Extension: (Adobe Acrobat) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-25]
CHR Extension: (Tabulky) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-13]
CHR Extension: (AdBlock) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-03]
CHR Extension: (Gmail) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-12]
CHR Extension: (HP Client Security Manager) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2017-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-25]
CHR Profile: C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-11-17]
CHR Extension: (Prezentace) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Dokumenty) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Disk Google) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Adobe Acrobat) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-24]
CHR Extension: (Tabulky) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Avira Browser Safety) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-07]
CHR Extension: (AdBlock) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-02-27]
CHR Extension: (Mapy Google) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-03]
CHR Extension: (Gmail) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-03]
CHR Profile: C:\Users\h0n7a\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-396693443-811109266-3812187763-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-11-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-11-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-11-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-11-17] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [407408 2017-10-26] (Avira Operations GmbH & Co. KG)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-11] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-24] (EasyAntiCheat Ltd)
R2 GoProDeviceDetectionService; D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2298040 2017-09-20] (Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460920 2017-10-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2017-07-21] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2017-07-21] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-17] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176224 2017-09-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [167464 2017-08-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-06-17] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-02-10] (REALiX(tm))
S3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [29272 2016-11-04] (Intel)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R2 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\Precision XOC\WinRing0\WinRing0x64.sys [14536 2015-10-20] (OpenLibSys.org)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 RtlWlanu; \SystemRoot\system32\DRIVERS\rtwlanu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-18 20:43 - 2017-11-18 20:44 - 000023509 _____ C:\Users\h0n7a\Downloads\FRST.txt
2017-11-18 20:43 - 2017-11-18 20:43 - 000000000 ____D C:\FRST
2017-11-18 20:42 - 2017-11-18 20:43 - 002392064 _____ (Farbar) C:\Users\h0n7a\Downloads\FRST64.exe
2017-11-18 20:40 - 2017-11-18 20:40 - 000000000 ____D C:\Users\h0n7a\Desktop\markéta
2017-11-18 20:34 - 2017-11-18 20:34 - 000201838 _____ C:\Users\h0n7a\Downloads\Zpravy-pro-obce-kraje_2017-c-04.pdf
2017-11-18 20:34 - 2017-11-18 20:34 - 000114002 _____ C:\Users\h0n7a\Downloads\Zpravy-pro-obce-kraje_2017-c-06.pdf
2017-11-18 20:30 - 2017-11-18 20:30 - 005444016 _____ C:\Users\h0n7a\Downloads\Informacni-letak_2016_Statni-rozpocet-v-kostce.pdf
2017-11-18 20:30 - 2017-11-18 20:30 - 000313856 _____ C:\Users\h0n7a\Downloads\statni_rozpocet_peskova.ppt
2017-11-18 20:28 - 2017-11-18 20:28 - 001238519 _____ C:\Users\h0n7a\Downloads\Makro-ekonomicka-predikce_2017-Q2_Makroekonomicka-predikce-duben-2017 (1).pdf
2017-11-18 19:36 - 2017-11-18 19:36 - 000272432 _____ C:\Users\h0n7a\Downloads\Zpravy-pro-obce-kraje_2017-c-02_2.pdf
2017-11-18 19:31 - 2017-11-18 19:32 - 002193039 _____ C:\Users\h0n7a\Downloads\Makro-ekonomicka-predikce_2017-Q2_Tabulky-a-grafy.xlsx
2017-11-18 19:31 - 2017-11-18 19:32 - 001238519 _____ C:\Users\h0n7a\Downloads\Makro-ekonomicka-predikce_2017-Q2_Makroekonomicka-predikce-duben-2017.pdf
2017-11-17 18:25 - 2017-11-17 18:25 - 000000000 ____D C:\Users\h0n7a\Documents\Lightshot
2017-11-17 18:24 - 2017-11-18 19:12 - 000000400 _____ C:\Windows\Tasks\update-sys.job
2017-11-17 18:24 - 2017-11-18 18:15 - 000000400 _____ C:\Windows\Tasks\update-S-1-5-21-396693443-811109266-3812187763-1001.job
2017-11-17 18:24 - 2017-11-17 18:24 - 000003270 _____ C:\Windows\System32\Tasks\update-sys
2017-11-17 18:24 - 2017-11-17 18:24 - 000003248 _____ C:\Windows\System32\Tasks\update-S-1-5-21-396693443-811109266-3812187763-1001
2017-11-17 18:24 - 2017-11-17 18:24 - 000000425 _____ C:\Users\h0n7a\AppData\Local\UserProducts.xml
2017-11-17 18:24 - 2017-11-17 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2017-11-17 18:24 - 2017-11-17 18:24 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2017-11-17 15:29 - 2017-11-17 15:29 - 000001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-17 15:29 - 2017-11-17 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-17 15:29 - 2017-11-17 15:29 - 000000000 ____D C:\Program Files\iPod
2017-11-17 15:13 - 2017-11-17 19:47 - 000000000 ____D C:\Users\h0n7a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aconto CORPORATE
2017-11-16 14:34 - 2017-10-11 08:35 - 000143016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-16 14:34 - 2017-10-10 16:21 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-16 14:34 - 2017-10-10 14:18 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-16 14:34 - 2017-10-10 14:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-16 14:23 - 2017-10-17 20:11 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-16 14:23 - 2017-10-16 19:38 - 002013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-16 14:23 - 2017-10-14 14:04 - 001548624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-11-16 14:23 - 2017-10-14 09:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-16 14:23 - 2017-10-14 09:23 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-16 14:23 - 2017-10-14 09:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-16 14:23 - 2017-10-14 09:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-16 14:23 - 2017-10-14 09:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-16 14:23 - 2017-10-14 09:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-16 14:23 - 2017-10-14 08:36 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-11-16 14:23 - 2017-10-14 08:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-16 14:23 - 2017-10-14 08:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-16 14:23 - 2017-10-14 08:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-16 14:23 - 2017-10-14 08:30 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-16 14:23 - 2017-10-14 08:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-16 14:23 - 2017-10-14 08:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-16 14:23 - 2017-10-14 08:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-16 14:23 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-16 14:23 - 2017-10-14 08:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-16 14:23 - 2017-10-14 08:05 - 015431680 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-16 14:23 - 2017-10-14 07:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-16 14:23 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-16 14:23 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-16 14:23 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-16 14:23 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-16 14:23 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-16 14:23 - 2017-10-14 07:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-11-16 14:23 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-16 14:23 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-16 14:23 - 2017-10-14 07:24 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-16 14:23 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-16 14:23 - 2017-10-14 07:14 - 013317632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-16 14:23 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-16 14:23 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-16 14:23 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-16 14:23 - 2017-10-10 17:36 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-16 14:23 - 2017-10-10 16:38 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-16 14:23 - 2017-10-10 16:38 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-11-16 14:23 - 2017-10-10 16:11 - 002749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-16 14:23 - 2017-10-10 16:08 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-11-16 14:23 - 2017-10-05 08:17 - 000380248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-11-16 14:23 - 2017-09-15 00:52 - 000986968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-11-16 14:23 - 2017-09-08 18:14 - 003084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-11-16 14:23 - 2017-09-08 17:50 - 002471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-11-16 14:23 - 2017-09-08 04:31 - 000685440 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-11-16 14:23 - 2017-09-08 04:28 - 000507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-11-16 14:23 - 2017-09-07 22:31 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll
2017-11-16 14:23 - 2017-09-07 20:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mgmtapi.dll
2017-11-16 14:23 - 2017-09-07 18:20 - 000513456 _____ C:\Windows\SysWOW64\locale.nls
2017-11-16 14:23 - 2017-09-07 18:20 - 000513456 _____ C:\Windows\system32\locale.nls
2017-11-16 14:23 - 2017-09-07 14:40 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-16 14:23 - 2017-09-07 14:40 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-16 14:23 - 2017-09-07 00:07 - 000158552 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-16 14:23 - 2017-09-06 22:17 - 000461144 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-16 14:23 - 2017-09-06 22:17 - 000443224 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-16 14:23 - 2017-09-06 15:14 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2017-11-16 14:23 - 2017-08-11 02:39 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-11-16 14:23 - 2017-08-11 02:30 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 015211616 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 003299816 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 002190976 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 001382232 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 001337632 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2017-11-16 13:22 - 2017-10-26 01:44 - 000075536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 003121112 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 001435136 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000873456 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000467152 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000381400 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000341144 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000341144 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2017-11-16 13:22 - 2017-10-26 01:43 - 000158688 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2017-11-16 13:22 - 2017-10-26 01:42 - 003410320 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2017-11-16 13:22 - 2017-10-26 01:42 - 000986992 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2017-11-16 13:22 - 2017-10-26 01:42 - 000965016 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2017-11-16 13:22 - 2017-10-26 01:42 - 000231912 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2017-11-16 13:22 - 2017-10-26 01:42 - 000090912 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2017-11-16 13:22 - 2017-10-26 01:42 - 000083616 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 003677152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-11-16 13:22 - 2017-10-26 01:41 - 003509192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 001016928 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000877424 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000868168 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000866640 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000737960 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000526272 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000258856 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000214824 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2017-11-16 13:22 - 2017-10-26 01:41 - 000088312 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 072520704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2017-11-16 13:22 - 2017-10-26 01:40 - 007172904 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 006023080 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-11-16 13:22 - 2017-10-26 01:40 - 003561920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 003135776 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 002922976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 001351232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000691672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000680544 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000447712 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000416504 _____ (Harman) C:\Windows\system32\HMUI.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000378376 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000154352 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000151776 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000134192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000084608 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2017-11-16 13:22 - 2017-10-26 01:40 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 007096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 006264632 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 001780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 001591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 001159176 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000727432 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000708304 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000445392 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000441264 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000406448 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000366112 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000360336 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000253856 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000203832 _____ (Harman) C:\Windows\system32\HMHVS.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000190928 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000190928 _____ (Harman) C:\Windows\system32\HMEQ.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000179592 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000122312 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000118584 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2017-11-16 13:22 - 2017-10-26 01:39 - 000105304 _____ C:\Windows\system32\audioLibVc.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 005346992 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 002992176 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 002444680 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 001965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 001959592 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 001544248 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 001508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 001372384 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 001259720 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 000743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 000362048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 000327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 000310416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2017-11-16 13:22 - 2017-10-26 01:38 - 000272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2017-11-16 13:22 - 2017-10-26 01:10 - 014522964 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-11-16 13:04 - 2017-11-16 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA
2017-11-16 12:52 - 2017-11-16 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-13 11:26 - 2017-11-13 11:26 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-13 11:26 - 2017-11-13 11:26 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-11-06 21:12 - 2017-11-06 21:12 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-11-06 21:12 - 2017-09-14 00:20 - 000798008 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-11-06 21:12 - 2017-09-14 00:20 - 000490296 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-11-06 21:12 - 2017-09-14 00:19 - 000927544 _____ C:\Windows\system32\vulkan-1.dll
2017-11-06 21:12 - 2017-09-14 00:19 - 000591160 _____ C:\Windows\system32\vulkaninfo.exe
2017-11-06 21:11 - 2017-10-27 18:46 - 040237688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 036194424 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 035156928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 029236344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 023262464 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 019037416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 018207248 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 016763000 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-11-06 21:11 - 2017-10-27 18:46 - 013864232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 013254520 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 011779328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 010882720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 003807680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 003346552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 001989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438813.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 001673848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438813.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 001099200 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 001030592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000981112 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000932472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000895968 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000615360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000527288 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000505976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000446216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000171896 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000154392 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000149552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-11-06 21:11 - 2017-10-27 18:46 - 000132256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-11-06 20:17 - 2017-11-06 20:17 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2017-10-25 10:29 - 2017-11-16 19:57 - 000000000 ____D C:\Users\h0n7a\AppData\Local\NVIDIA
2017-10-20 21:07 - 2017-10-27 18:46 - 015027984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-10-20 21:07 - 2017-10-09 13:20 - 000225208 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-10-20 21:07 - 2017-10-09 13:20 - 000045496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-10-20 21:07 - 2017-10-06 14:32 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438792.dll
2017-10-20 21:07 - 2017-10-06 14:32 - 001606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438792.dll
2017-10-20 21:07 - 2017-10-06 14:32 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-10-20 21:07 - 2017-10-06 14:32 - 000000669 _____ C:\Windows\system32\nv-vk64.json

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-18 20:29 - 2017-02-10 21:57 - 000000000 ____D C:\Users\h0n7a\AppData\Local\Packages
2017-11-18 20:27 - 2017-02-11 00:22 - 000000918 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-18 18:55 - 2017-02-10 22:02 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-396693443-811109266-3812187763-1001
2017-11-18 18:50 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-18 18:50 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2017-11-18 17:34 - 2014-11-21 05:13 - 001748728 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-18 17:34 - 2014-11-21 04:17 - 000739580 _____ C:\Windows\system32\perfh005.dat
2017-11-18 17:34 - 2014-11-21 04:17 - 000151742 _____ C:\Windows\system32\perfc005.dat
2017-11-18 17:34 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2017-11-18 17:28 - 2017-02-11 00:22 - 000000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-18 17:28 - 2017-02-11 00:22 - 000000000 ___RD C:\Users\h0n7a\Disk Google
2017-11-18 17:28 - 2017-02-10 23:32 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-18 17:28 - 2017-02-10 23:03 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2017-11-18 17:28 - 2017-02-10 22:34 - 000000000 __RDO C:\Users\h0n7a\OneDrive
2017-11-18 17:28 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-17 23:53 - 2017-02-10 21:57 - 000000000 ____D C:\Users\h0n7a
2017-11-17 23:53 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-11-17 23:22 - 2017-02-11 11:12 - 000000000 ____D C:\Users\h0n7a\AppData\Local\Ubisoft Game Launcher
2017-11-17 23:01 - 2017-02-12 22:54 - 000000000 ____D C:\Users\h0n7a\AppData\Roaming\TS3Client
2017-11-17 22:58 - 2017-02-19 15:20 - 000000000 ____D C:\Users\h0n7a\AppData\Local\CrashDumps
2017-11-17 19:08 - 2013-08-22 15:44 - 005069264 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-17 19:07 - 2017-03-16 10:32 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-17 16:50 - 2017-02-16 09:21 - 000000000 ____D C:\Users\h0n7a\AppData\Roaming\vlc
2017-11-17 15:29 - 2017-05-17 23:16 - 000000000 ____D C:\Program Files\iTunes
2017-11-17 02:59 - 2017-02-10 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-17 02:24 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2017-11-17 02:23 - 2017-02-10 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-11-17 02:22 - 2013-08-22 14:25 - 000000167 _____ C:\Windows\win.ini
2017-11-16 23:50 - 2017-02-10 22:42 - 000002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-16 23:42 - 2017-02-10 22:37 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-16 23:42 - 2017-02-10 22:37 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-16 20:21 - 2017-02-10 22:46 - 000000000 ____D C:\Users\h0n7a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2017-11-16 15:17 - 2017-02-19 09:34 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 15:16 - 2017-10-18 20:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-16 13:22 - 2017-07-27 13:02 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2017-11-16 13:22 - 2017-02-11 00:02 - 000000000 ____D C:\Windows\system32\RTCOM
2017-11-16 13:22 - 2017-02-11 00:02 - 000000000 ____D C:\Windows\system32\DAX3
2017-11-16 13:22 - 2017-02-11 00:02 - 000000000 ____D C:\Windows\system32\DAX2
2017-11-16 13:22 - 2017-02-11 00:01 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-11-16 13:07 - 2017-06-30 08:13 - 000001975 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2017-11-16 13:07 - 2017-05-06 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-11-16 13:07 - 2017-05-06 11:30 - 000000000 ____D C:\Program Files (x86)\MSI
2017-11-16 13:05 - 2017-02-10 23:37 - 000000000 ____D C:\Windows\SysWOW64\directx
2017-11-16 13:04 - 2017-02-10 23:37 - 000002198 _____ C:\Users\Public\Desktop\Skin Tool.lnk
2017-11-16 13:04 - 2017-02-10 23:37 - 000002125 _____ C:\Users\Public\Desktop\EVGA Precision XOC.lnk
2017-11-16 12:52 - 2017-02-11 00:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-05 21:54 - 2017-02-10 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2017-11-05 21:54 - 2017-02-10 23:05 - 000000000 ____D C:\Program Files\HWiNFO64
2017-11-05 21:49 - 2017-09-28 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-11-05 21:43 - 2017-02-10 22:01 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-04 01:41 - 2014-11-21 13:20 - 000835568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-04 01:41 - 2014-11-21 13:20 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-27 18:46 - 2017-07-27 12:42 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-10-27 18:46 - 2017-07-27 12:40 - 021744632 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-10-27 18:46 - 2017-07-27 12:40 - 019012232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-10-27 18:46 - 2017-07-27 12:40 - 004284496 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-10-27 18:46 - 2017-07-27 12:40 - 003799032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-10-27 18:46 - 2017-07-27 12:40 - 000492048 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-10-27 18:46 - 2017-07-27 12:40 - 000046182 _____ C:\Windows\system32\nvinfo.pb
2017-10-27 17:36 - 2017-07-27 12:41 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-10-27 17:12 - 2017-07-27 12:42 - 005960824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-10-27 17:12 - 2017-07-27 12:42 - 002587768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-10-27 17:12 - 2017-07-27 12:42 - 001766520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-10-27 17:12 - 2017-07-27 12:42 - 000607168 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-10-27 17:12 - 2017-07-27 12:42 - 000449656 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-10-27 17:12 - 2017-07-27 12:42 - 000123000 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-10-27 17:12 - 2017-07-27 12:42 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-10-25 11:33 - 2017-07-27 12:42 - 007802921 _____ C:\Windows\system32\nvcoproc.bin
2017-10-22 11:14 - 2017-02-11 11:22 - 000000000 ____D C:\Users\h0n7a\AppData\Local\Adobe
2017-10-20 21:09 - 2017-08-15 14:31 - 000000000 ____D C:\Users\h0n7a\AppData\Roaming\NVIDIA
2017-10-20 21:08 - 2017-07-27 12:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-20 21:08 - 2017-02-10 23:31 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== Files in the root of some directories =======

2017-02-19 21:56 - 2017-08-15 14:32 - 000000132 _____ () C:\Users\h0n7a\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-02-19 16:52 - 2017-10-07 17:45 - 000000187 _____ () C:\Users\h0n7a\AppData\Roaming\COPA_Last_Connected_Device.ini
2017-02-19 16:49 - 2017-02-19 16:49 - 000000098 _____ () C:\Users\h0n7a\AppData\Roaming\SDC_Path.ini
2017-02-22 20:35 - 2017-02-22 20:35 - 000000017 _____ () C:\Users\h0n7a\AppData\Local\resmon.resmoncfg
2017-11-17 18:24 - 2017-11-17 18:24 - 000000003 _____ () C:\Users\h0n7a\AppData\Local\updater.log
2017-11-17 18:24 - 2017-11-17 18:24 - 000000425 _____ () C:\Users\h0n7a\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2017-06-23 17:01 - 2017-11-18 17:29 - 000192512 _____ () C:\Users\h0n7a\AppData\Local\Temp\sfamcc00001.dll
2017-11-18 17:29 - 2017-11-18 17:29 - 000158720 _____ () C:\Users\h0n7a\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-16 13:02

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, thank you.

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

3rw0sh
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check, thank you.

#3 Post by 3rw0sh »

# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 21 13:07:15 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-21-2017.1
# Running on Windows 8.1 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy, SearchProvider found: Slunečnice - slunecnice.cz

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271


*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Rudy
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, thank you.

#4 Post by Rudy »

In ADW, also click Clean (delete), restart, and post a new RSIT log.

3rw0sh
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check, thank you.

#5 Post by 3rw0sh »

Logfile of random's system information tool 1.10 (written by random/random)
Run by h0n7a at 2017-11-21 23:13:59
Microsoft Windows 8.1 Pro
System drive C: has 124 GB (54%) free of 228 GB
Total RAM: 16348 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:14:00, on 21. 11. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\trend micro\h0n7a.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://adisepo.mfcr.cz/adistc/adis/idp ... stup.faces
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Sound Blaster Tactic3D Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [TomTom MySports Connect.exe] C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe --hideSplashScreen
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11526 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
taskhostex.exe
"C:\Program Files (x86)\EVGA\Precision XOC\PrecisionX_x64.exe" /s
C:\Windows\Explorer.EXE
taskeng.exe {047AC6C4-126D-458A-BE06-4907ED5FFCDD}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {02315622-d481-43b2-b6d8c0495c110e75}
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000007d8
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe" --hideSplashScreen
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\h0n7a\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f 
--https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-39.4.49 --annotation=client_session_id=49fa0241-3943-4ade-8f9d-d214d6762114 --annotation=host_int_account1_boot=16052370176 --annotation=machine_id=89331bdd-df1d-481e-b3a9-bf3861092a70 --annotation=platform=win --annotation=platform_version=8.1 --initial-client-data=0x118,0x11c,0x120,0x114,0x10c,0x67226dc0,0x67226dd0,0x67226de0
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:49fa0241-3943-4ade-8f9d-d214d6762114 -target-handle:276 -target-shutdown-event:268 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_956_EYENBHYYTHKASYDP
"C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe" -Embedding
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe"
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE --ma_controller
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE --ma_controller
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Users\h0n7a\Desktop\RSITx64.exe"
"D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
wmiadap.exe /F /T /R
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\h0n7a\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\update-S-1-5-21-396693443-811109266-3812187763-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 2351920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"GoPro Tray App"=D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDesktopSystemTray.exe [2017-03-16 866224]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-10-26 9235936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-10-20 297784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-11-01 40417680]
"AdobeBridge"= []
"TomTom MySports Connect.exe"=C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [2017-08-23 638464]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-11-13 3567928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Sound Blaster Tactic3D Control Panel"=C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2014-07-03 2091008]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2017-10-12 26102968]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2017-04-11 225944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-21 23:10:59 ----D---- C:\rsit
2017-11-21 23:10:59 ----D---- C:\Program Files\trend micro
2017-11-21 14:06:32 ----D---- C:\AdwCleaner
2017-11-17 18:24:22 ----D---- C:\Program Files (x86)\Skillbrains
2017-11-17 15:29:56 ----D---- C:\Program Files\iPod
2017-11-16 14:34:59 ----A---- C:\Windows\system32\pcasvc.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\invagent.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\generaltel.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\devinv.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-16 14:34:59 ----A---- C:\Windows\system32\centel.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\appraiser.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-16 14:34:59 ----A---- C:\Windows\system32\aepic.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\aeinv.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\acmigration.dll
2017-11-16 14:23:04 ----A---- C:\Windows\system32\mshtml.dll
2017-11-16 14:23:03 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-11-16 14:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-11-16 14:23:03 ----A---- C:\Windows\system32\wmp.dll
2017-11-16 14:23:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-11-16 14:23:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-11-16 14:23:02 ----A---- C:\Windows\system32\win32k.sys
2017-11-16 14:23:02 ----A---- C:\Windows\system32\msftedit.dll
2017-11-16 14:23:02 ----A---- C:\Windows\system32\jscript9.dll
2017-11-16 14:23:02 ----A---- C:\Windows\system32\ieframe.dll
2017-11-16 14:23:01 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2017-11-16 14:23:01 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\wininet.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\vbscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\urlmon.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\tquery.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\jscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\iertutil.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-16 14:23:01 ----A---- C:\Windows\system32\drivers\http.sys
2017-11-16 14:23:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-11-16 14:23:01 ----A---- C:\Windows\system32\authui.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\advapi32.dll
2017-11-16 14:23:00 ----AC---- C:\Windows\system32\drivers\usbport.sys
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\PCPTpm12.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\mgmtapi.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\webcheck.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\regsvc.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\PCPTpm12.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\mgmtapi.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\inetcomm.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\iedkcs32.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\ie4uinit.exe
2017-11-16 14:23:00 ----A---- C:\Windows\system32\drivers\storport.sys
2017-11-16 14:23:00 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SEHDHF32.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SECOMN32.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\YamahaAE3.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\YamahaAE2.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\YamahaAE.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tossaeapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\toseaeapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tosasfapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tosade.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tepeqapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tadefxapo264.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tadefxapo.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSWOW64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSTSX64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSTSH64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSHP64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRRPTR64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRCOM64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRCOM.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\sltech64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\slprp64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\slcnt64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\sl3apo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFSS_APO.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFNHK64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFCOM64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SEHDRA64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SEHDHF64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SECOMN64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SEAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtPgEx64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtkCfg64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtkApi64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEEP64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEEL64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEEG64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEED64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtDataProc64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTCOM64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RP3DHT64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RP3DAA64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RltkAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RCoRes64.dat
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RCoInstII64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2017-11-16 13:22:16 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEP64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEL64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEG64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EED64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEA64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMUI.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMLimiter.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMHVS.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMEQ_Voice.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMEQ.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMClariFi.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMAPO.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HiFiDAX2APIPCLL.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HarmanAudioInterface.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOvlldp.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPP64AF3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPP64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPO64AF3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPO64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPD64AF3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPD64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPA64F3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPA64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DAX3APOv251.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DAX3APOProp.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-11-16 13:22:14 ----A---- C:\Windows\system32\AudysseyEfx.dll
2017-11-16 13:22:14 ----A---- C:\Windows\system32\audioLibVc.dll
2017-11-16 13:22:14 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2017-11-13 11:26:48 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-11-13 11:26:48 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-11-13 11:26:48 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-11-13 11:26:48 ----A---- C:\Windows\system32\DbxSvc.exe
2017-11-06 21:12:30 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2017-11-06 21:12:30 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2017-11-06 21:12:30 ----A---- C:\Windows\system32\vulkaninfo.exe
2017-11-06 21:12:30 ----A---- C:\Windows\system32\vulkan-1.dll
2017-11-06 21:12:29 ----D---- C:\Program Files (x86)\VulkanRT
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvopencl.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvoglv64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvmcumd.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvinitx.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\NvIFR64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\NvFBC64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvdispgenco6438813.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvdispco6438813.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvcuvid.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvcuda.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvcompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-11-06 20:17:08 ----D---- C:\Program Files (x86)\EasyAntiCheat

======List of files/folders modified in the last 1 month======

2017-11-21 23:12:17 ----D---- C:\Windows\Temp
2017-11-21 23:10:59 ----RD---- C:\Program Files
2017-11-21 23:10:36 ----D---- C:\Program Files (x86)\SpeedFan
2017-11-21 23:09:48 ----D---- C:\ProgramData\NVIDIA
2017-11-21 23:00:00 ----D---- C:\Windows\system32\sru
2017-11-21 20:28:05 ----D---- C:\Windows\Microsoft.NET
2017-11-21 17:05:59 ----D---- C:\Users\h0n7a\AppData\Roaming\TS3Client
2017-11-21 14:11:07 ----RD---- C:\Windows\System32
2017-11-21 14:11:07 ----D---- C:\Windows\Inf
2017-11-21 14:11:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-20 23:23:49 ----D---- C:\Users\h0n7a\AppData\Roaming\FileZilla
2017-11-19 18:49:55 ----D---- C:\Users\h0n7a\AppData\Roaming\Skype
2017-11-19 17:18:36 ----D---- C:\Users\h0n7a\AppData\Roaming\vlc
2017-11-19 17:06:41 ----HD---- C:\ProgramData
2017-11-19 16:01:12 ----D---- C:\Windows\SysWOW64
2017-11-19 16:01:12 ----D---- C:\Windows\system32\drivers
2017-11-19 16:01:12 ----D---- C:\Windows
2017-11-19 16:01:05 ----D---- C:\Windows\system32\DriverStore
2017-11-19 14:29:54 ----SHD---- C:\System Volume Information
2017-11-19 13:01:13 ----D---- C:\Program Files (x86)\TeamViewer
2017-11-19 13:01:12 ----D---- C:\Windows\system32\Tasks
2017-11-19 12:49:37 ----D---- C:\Windows\rescache
2017-11-19 12:18:51 ----D---- C:\Windows\system32\config
2017-11-19 10:13:11 ----D---- C:\Program Files (x86)\Rockstar Games
2017-11-19 10:13:03 ----D---- C:\Program Files\Rockstar Games
2017-11-18 18:50:44 ----HD---- C:\Program Files\WindowsApps
2017-11-18 18:50:44 ----D---- C:\Windows\AppReadiness
2017-11-17 23:10:34 ----D---- C:\Windows\WinSxS
2017-11-17 23:09:45 ----D---- C:\Windows\system32\catroot2
2017-11-17 23:03:11 ----D---- C:\Windows\SoftwareDistribution
2017-11-17 22:58:23 ----D---- C:\Windows\Logs
2017-11-17 19:07:43 ----D---- C:\Windows\system32\appraiser
2017-11-17 19:07:43 ----D---- C:\Windows\apppatch
2017-11-17 19:07:43 ----D---- C:\Program Files\Internet Explorer
2017-11-17 19:07:43 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-17 18:24:25 ----D---- C:\Windows\Tasks
2017-11-17 18:24:22 ----RD---- C:\Program Files (x86)
2017-11-17 15:30:04 ----SHD---- C:\Windows\Installer
2017-11-17 15:29:57 ----D---- C:\Program Files\iTunes
2017-11-17 02:24:26 ----RSD---- C:\Windows\assembly
2017-11-17 02:24:18 ----D---- C:\ProgramData\Microsoft Help
2017-11-17 02:24:17 ----D---- C:\Windows\CbsTemp
2017-11-17 02:22:42 ----A---- C:\Windows\win.ini
2017-11-16 13:22:45 ----HD---- C:\Program Files (x86)\Temp
2017-11-16 13:22:44 ----D---- C:\Windows\SYSWOW64\RTCOM
2017-11-16 13:22:44 ----D---- C:\Windows\system32\RTCOM
2017-11-16 13:22:39 ----D---- C:\Windows\system32\DAX3
2017-11-16 13:22:39 ----D---- C:\Windows\system32\DAX2
2017-11-16 13:07:21 ----D---- C:\Program Files (x86)\MSI
2017-11-16 13:05:04 ----D---- C:\Windows\SYSWOW64\directx
2017-11-16 12:52:15 ----D---- C:\Program Files (x86)\Dropbox
2017-11-05 21:54:05 ----D---- C:\Program Files\HWiNFO64
2017-11-05 21:43:32 ----D---- C:\ProgramData\Package Cache
2017-11-04 01:41:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-27 18:46:38 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-10-27 18:46:38 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-10-27 18:46:38 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-10-27 18:46:38 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-10-27 18:46:38 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-10-27 18:46:38 ----A---- C:\Windows\system32\nvapi64.dll
2017-10-27 18:46:38 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat
2017-10-27 17:36:33 ----A---- C:\Windows\NvContainerRecovery.bat
2017-10-27 17:12:12 ----A---- C:\Windows\system32\nvsvc64.dll
2017-10-27 17:12:12 ----A---- C:\Windows\system32\nvcpl.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nvsvcr.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nvshext.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nvmctray.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-06-17 60920]
R0 avusbflt;avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [2017-06-17 38048]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-31 167464]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-03-02 44488]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2017-02-10 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-29 176224]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-03-02 88488]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-10-26 6023080]
R3 iusb3adp;@oem5.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2016-11-04 29272]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2017-02-15 204920]
R3 NVHDA;@oem41.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-10-09 225208]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2017-10-27 16763000]
R3 RTL8168;@oem33.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2017-05-17 965616]
R3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2013-05-31 23552]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-11-21 121088]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2014-05-03 34816]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 dcdbas;@oem45.inf,%dcdbas.SVCDESC%;System Management Driver; C:\Windows\System32\drivers\dcdbas64.sys []
S3 dg_ssudbus;@oem34.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 I2cHkBurn;I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [2015-07-27 41760]
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 – ovladač rozšiřitelné karty USB pro bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-06-18 2408208]
S3 RtlWlanu;@oem6.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys []
S3 ssudmdm;@oem35.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 USBAAPL64;@oem31.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2016-03-28 54784]
S3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-11-17 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-11-17 490968]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-10-11 83768]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-26 407408]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2011-10-19 423424]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-11-13 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 GoProDeviceDetectionService;GoPro Device Detection Service; D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe [2017-03-16 37808]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-10-20 177440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-10-20 419616]
R2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2017-09-20 2298040]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-27 460920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2017-07-21 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2017-07-21 189248]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-11-09 10803952]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-10-20 672568]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-11-17 1128944]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-11-17 1526832]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-11 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-11 143144]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2017-10-24 526888]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-07-26 987432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-10-31 1641248]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, thank you.

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

3rw0sh
Visitor
Posts: 90
Registered: 26 Jun 2012 16:53

Re: Please check, thank you.

#7 Post by 3rw0sh »

Logfile of random's system information tool 1.10 (written by random/random)
Run by h0n7a at 2017-11-22 19:24:27
Microsoft Windows 8.1 Pro
System drive C: has 126 GB (55%) free of 228 GB
Total RAM: 16348 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:29, on 22. 11. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE
C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\trend micro\h0n7a.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://adisepo.mfcr.cz/adistc/adis/idp ... stup.faces
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Sound Blaster Tactic3D Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [TomTom MySports Connect.exe] C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe --hideSplashScreen
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11436 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
taskhostex.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\Explorer.EXE
taskeng.exe {CA346000-A400-41A1-9DB5-A67EE87F4EFB}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {caf67121-f324-4445-8941f7ea046b5372}
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_0000063c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
C:\Windows\system32\SppExtComObj.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11222017_192056.log
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe" --hideSplashScreen
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\h0n7a\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f 
--https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-39.4.49 --annotation=client_session_id=d7fd224f-bd07-4be2-8a17-037b3266f2b5 --annotation=host_int_account1_boot=16052370176 --annotation=machine_id=89331bdd-df1d-481e-b3a9-bf3861092a70 --annotation=platform=win --annotation=platform_version=8.1 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x65d06dc0,0x65d06dd0,0x65d06de0
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:d7fd224f-bd07-4be2-8a17-037b3266f2b5 -target-handle:284 -target-shutdown-event:300 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_5460_SQCVZPOCBZCBSALE
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE --ma_controller
"C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE --ma_controller
"C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe" -Embedding
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe"
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\EVGA\Precision XOC\PrecisionX_x64.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\h0n7a\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\update-S-1-5-21-396693443-811109266-3812187763-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 2351920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"GoPro Tray App"=D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDesktopSystemTray.exe [2017-03-16 866224]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-10-26 9235936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-10-20 297784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-11-01 40417680]
"AdobeBridge"= []
"TomTom MySports Connect.exe"=C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [2017-08-23 638464]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-11-13 3567928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Sound Blaster Tactic3D Control Panel"=C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2014-07-03 2091008]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2017-10-12 26102968]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2017-04-11 225944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-22 19:20:56 ----D---- C:\_OTM
2017-11-21 23:10:59 ----D---- C:\rsit
2017-11-21 23:10:59 ----D---- C:\Program Files\trend micro
2017-11-21 14:06:32 ----D---- C:\AdwCleaner
2017-11-17 18:24:22 ----D---- C:\Program Files (x86)\Skillbrains
2017-11-17 15:29:56 ----D---- C:\Program Files\iPod
2017-11-16 14:34:59 ----A---- C:\Windows\system32\pcasvc.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\invagent.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\generaltel.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\devinv.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-16 14:34:59 ----A---- C:\Windows\system32\centel.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\appraiser.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-16 14:34:59 ----A---- C:\Windows\system32\aepic.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\aeinv.dll
2017-11-16 14:34:59 ----A---- C:\Windows\system32\acmigration.dll
2017-11-16 14:23:04 ----A---- C:\Windows\system32\mshtml.dll
2017-11-16 14:23:03 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-11-16 14:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-11-16 14:23:03 ----A---- C:\Windows\system32\wmp.dll
2017-11-16 14:23:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-11-16 14:23:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-11-16 14:23:02 ----A---- C:\Windows\system32\win32k.sys
2017-11-16 14:23:02 ----A---- C:\Windows\system32\msftedit.dll
2017-11-16 14:23:02 ----A---- C:\Windows\system32\jscript9.dll
2017-11-16 14:23:02 ----A---- C:\Windows\system32\ieframe.dll
2017-11-16 14:23:01 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2017-11-16 14:23:01 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-11-16 14:23:01 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\wininet.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\vbscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\urlmon.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\tquery.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\jscript.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\iertutil.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-16 14:23:01 ----A---- C:\Windows\system32\drivers\http.sys
2017-11-16 14:23:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-11-16 14:23:01 ----A---- C:\Windows\system32\authui.dll
2017-11-16 14:23:01 ----A---- C:\Windows\system32\advapi32.dll
2017-11-16 14:23:00 ----AC---- C:\Windows\system32\drivers\usbport.sys
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\PCPTpm12.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\mgmtapi.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-11-16 14:23:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\webcheck.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\regsvc.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\PCPTpm12.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\mgmtapi.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\inetcomm.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\iedkcs32.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2017-11-16 14:23:00 ----A---- C:\Windows\system32\ie4uinit.exe
2017-11-16 14:23:00 ----A---- C:\Windows\system32\drivers\storport.sys
2017-11-16 14:23:00 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SEHDHF32.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\SECOMN32.dll
2017-11-16 13:22:16 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\YamahaAE3.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\YamahaAE2.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\YamahaAE.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tossaeapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\toseaeapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tosasfapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tosade.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tepeqapo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tadefxapo264.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\tadefxapo.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSWOW64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSTSX64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSTSH64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRSHP64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRRPTR64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRCOM64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRCOM.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SRAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\sltech64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\slprp64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\slcnt64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\sl3apo64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFSS_APO.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFNHK64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFCOM64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SFAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SEHDRA64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SEHDHF64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SECOMN64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\SEAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtPgEx64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtkCfg64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtkApi64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEEP64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEEL64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEEG64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTEED64A.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RtDataProc64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RTCOM64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RP3DHT64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RP3DAA64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RltkAPO64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RCoRes64.dat
2017-11-16 13:22:16 ----A---- C:\Windows\system32\RCoInstII64.dll
2017-11-16 13:22:16 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2017-11-16 13:22:16 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEP64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEL64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEG64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EED64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\R4EEA64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMUI.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMLimiter.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMHVS.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMEQ_Voice.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMEQ.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMClariFi.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HMAPO.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HiFiDAX2APIPCLL.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\HarmanAudioInterface.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOvlldp.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPP64AF3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPP64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPO64AF3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPO64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPD64AF3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPD64A.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPA64F3.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DDPA64.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DAX3APOv251.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\DAX3APOProp.dll
2017-11-16 13:22:15 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-11-16 13:22:14 ----A---- C:\Windows\system32\AudysseyEfx.dll
2017-11-16 13:22:14 ----A---- C:\Windows\system32\audioLibVc.dll
2017-11-16 13:22:14 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2017-11-13 11:26:48 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-11-13 11:26:48 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-11-13 11:26:48 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-11-13 11:26:48 ----A---- C:\Windows\system32\DbxSvc.exe
2017-11-06 21:12:30 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2017-11-06 21:12:30 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2017-11-06 21:12:30 ----A---- C:\Windows\system32\vulkaninfo.exe
2017-11-06 21:12:30 ----A---- C:\Windows\system32\vulkan-1.dll
2017-11-06 21:12:29 ----D---- C:\Program Files (x86)\VulkanRT
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-11-06 21:11:11 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvopencl.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvoglv64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvmcumd.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvinitx.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\NvIFR64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\NvFBC64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvdispgenco6438813.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvdispco6438813.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvcuvid.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvcuda.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\nvcompiler.dll
2017-11-06 21:11:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-11-06 20:17:08 ----D---- C:\Program Files (x86)\EasyAntiCheat

======List of files/folders modified in the last 1 month======

2017-11-22 19:24:26 ----D---- C:\Windows\Temp
2017-11-22 19:23:17 ----D---- C:\Program Files (x86)\SpeedFan
2017-11-22 19:23:12 ----D---- C:\ProgramData\NVIDIA
2017-11-21 23:14:37 ----RD---- C:\Windows\System32
2017-11-21 23:14:37 ----D---- C:\Windows\Inf
2017-11-21 23:14:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-21 23:10:59 ----RD---- C:\Program Files
2017-11-21 23:00:00 ----D---- C:\Windows\system32\sru
2017-11-21 20:28:05 ----D---- C:\Windows\Microsoft.NET
2017-11-21 17:05:59 ----D---- C:\Users\h0n7a\AppData\Roaming\TS3Client
2017-11-20 23:23:49 ----D---- C:\Users\h0n7a\AppData\Roaming\FileZilla
2017-11-19 18:49:55 ----D---- C:\Users\h0n7a\AppData\Roaming\Skype
2017-11-19 17:18:36 ----D---- C:\Users\h0n7a\AppData\Roaming\vlc
2017-11-19 17:06:41 ----HD---- C:\ProgramData
2017-11-19 16:01:12 ----D---- C:\Windows\SysWOW64
2017-11-19 16:01:12 ----D---- C:\Windows\system32\drivers
2017-11-19 16:01:12 ----D---- C:\Windows
2017-11-19 16:01:05 ----D---- C:\Windows\system32\DriverStore
2017-11-19 14:29:54 ----SHD---- C:\System Volume Information
2017-11-19 13:01:13 ----D---- C:\Program Files (x86)\TeamViewer
2017-11-19 13:01:12 ----D---- C:\Windows\system32\Tasks
2017-11-19 12:49:37 ----D---- C:\Windows\rescache
2017-11-19 12:18:51 ----D---- C:\Windows\system32\config
2017-11-19 10:13:11 ----D---- C:\Program Files (x86)\Rockstar Games
2017-11-19 10:13:03 ----D---- C:\Program Files\Rockstar Games
2017-11-18 18:50:44 ----HD---- C:\Program Files\WindowsApps
2017-11-18 18:50:44 ----D---- C:\Windows\AppReadiness
2017-11-17 23:10:34 ----D---- C:\Windows\WinSxS
2017-11-17 23:09:45 ----D---- C:\Windows\system32\catroot2
2017-11-17 23:03:11 ----D---- C:\Windows\SoftwareDistribution
2017-11-17 22:58:23 ----D---- C:\Windows\Logs
2017-11-17 19:07:43 ----D---- C:\Windows\system32\appraiser
2017-11-17 19:07:43 ----D---- C:\Windows\apppatch
2017-11-17 19:07:43 ----D---- C:\Program Files\Internet Explorer
2017-11-17 19:07:43 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-17 18:24:25 ----D---- C:\Windows\Tasks
2017-11-17 18:24:22 ----RD---- C:\Program Files (x86)
2017-11-17 15:30:04 ----SHD---- C:\Windows\Installer
2017-11-17 15:29:57 ----D---- C:\Program Files\iTunes
2017-11-17 02:24:26 ----RSD---- C:\Windows\assembly
2017-11-17 02:24:18 ----D---- C:\ProgramData\Microsoft Help
2017-11-17 02:24:17 ----D---- C:\Windows\CbsTemp
2017-11-17 02:22:42 ----A---- C:\Windows\win.ini
2017-11-16 13:22:45 ----HD---- C:\Program Files (x86)\Temp
2017-11-16 13:22:44 ----D---- C:\Windows\SYSWOW64\RTCOM
2017-11-16 13:22:44 ----D---- C:\Windows\system32\RTCOM
2017-11-16 13:22:39 ----D---- C:\Windows\system32\DAX3
2017-11-16 13:22:39 ----D---- C:\Windows\system32\DAX2
2017-11-16 13:07:21 ----D---- C:\Program Files (x86)\MSI
2017-11-16 13:05:04 ----D---- C:\Windows\SYSWOW64\directx
2017-11-16 12:52:15 ----D---- C:\Program Files (x86)\Dropbox
2017-11-05 21:54:05 ----D---- C:\Program Files\HWiNFO64
2017-11-05 21:43:32 ----D---- C:\ProgramData\Package Cache
2017-11-04 01:41:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-27 18:46:38 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-10-27 18:46:38 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-10-27 18:46:38 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-10-27 18:46:38 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-10-27 18:46:38 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-10-27 18:46:38 ----A---- C:\Windows\system32\nvapi64.dll
2017-10-27 18:46:38 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat
2017-10-27 17:36:33 ----A---- C:\Windows\NvContainerRecovery.bat
2017-10-27 17:12:12 ----A---- C:\Windows\system32\nvsvc64.dll
2017-10-27 17:12:12 ----A---- C:\Windows\system32\nvcpl.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nvsvcr.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nvshext.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nvmctray.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-10-27 17:12:11 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-06-17 60920]
R0 avusbflt;avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [2017-06-17 38048]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-31 167464]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-03-02 44488]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2017-02-10 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-29 176224]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-03-02 88488]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-10-26 6023080]
R3 iusb3adp;@oem5.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2016-11-04 29272]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2017-02-15 204920]
R3 NVHDA;@oem41.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-10-09 225208]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2017-10-27 16763000]
R3 RTL8168;@oem33.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2017-05-17 965616]
R3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2013-05-31 23552]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-11-21 121088]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2014-05-03 34816]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 dcdbas;@oem45.inf,%dcdbas.SVCDESC%;System Management Driver; C:\Windows\System32\drivers\dcdbas64.sys []
S3 dg_ssudbus;@oem34.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 I2cHkBurn;I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [2015-07-27 41760]
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 – ovladač rozšiřitelné karty USB pro bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-06-18 2408208]
S3 RtlWlanu;@oem6.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys []
S3 ssudmdm;@oem35.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 USBAAPL64;@oem31.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2016-03-28 54784]
S3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-11-17 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-11-17 490968]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-10-11 83768]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-26 407408]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2011-10-19 423424]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-11-13 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2017-09-20 2298040]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-27 460920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2017-07-21 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2017-07-21 189248]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-11-09 10803952]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-10-20 672568]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-11-17 1128944]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-11-17 1526832]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-11 143144]
S2 GoProDeviceDetectionService;GoPro Device Detection Service; D:\Program Files\GoPro Quick\GoPro Desktop App\GoProDeviceDetection.exe [2017-03-16 37808]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10 153752]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-10-20 177440]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-10-20 419616]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-11 143144]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2017-10-24 526888]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-07-26 987432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-10-31 1641248]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, thank you.

#8 Post by Rudy »

OK. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

3rw0sh
Visitor
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check, thank you.

#9 Post by 3rw0sh »

The PC is a little snappier. It was fast before too, but I wanted to run a check just to be sure, because one of my websites got hacked and I don't know whether it happened through my PC or through the PC of a friend who also has access to it.
Thanks a lot, and have a pleasant rest of the evening.

Rudy
Site Admin
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, thank you.

#10 Post by Rudy »

I can assure you that it was not through your PC. There were only adware and unnecessary items on it.