PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Laptop freezes after 10 minutes

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

#1 Post by yardafreeman »

Hi, could you please take a look at what keeps freezing this for me every 10 to 15 minutes or so. It's not overheating. Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jerry Oak at 2016-02-07 12:14:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 31 GB (11%) free of 280 GB
Total RAM: 3941 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:14:57, on 7.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jerry Oak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWow64\Msdxm6.ocx
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: SCP DS3 Service (Ds3Service) - Unknown owner - C:\Dreams\Project.Zomboid.Build.32.30\ScpServer\bin\ScpService.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules® - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 8051 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 30563344
\??\C:\Windows\system32\conhost.exe "569046124308800948-82031901818823182081004548161-15918257251191639939-62182588
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-015e171d-8ac2-46b5-9b86-35d6ea3b3253 -SystemEventPortName:HostProcess-21bcbb9c-6410-4be5-aa4f-a9a6dd82d5c8 -IoCancelEventPortName:HostProcess-20affc7f-95e2-4762-a41f-71a520d04309 -NonStateChangingEventPortName:HostProcess-7fb79aeb-e694-4c45-a626-9964245676d6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:65b72e1b-b14f-4462-b7a4-10bb99846c89 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4260.0.2037378989\806244621" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4260.2.1134596506\1958380017" --font-cache-shared-handle=2708 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4260.3.1937042882\11122794" --font-cache-shared-handle=2932 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4260.4.367730410\290285983" --font-cache-shared-handle=4296 /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 
--video-image-texture-target=3553 --channel="4260.15.1759361949\765439077" --font-cache-shared-handle=5632 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4260.16.1259384265\2015597409" --font-cache-shared-handle=5660 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 
--video-image-texture-target=3553 --channel="4260.18.2270570\1241616484" --font-cache-shared-handle=7284 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Jerry Oak\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-26 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-26 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21 844048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-18 2899216]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-04-18 410896]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CNAP2 Launcher]
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-01-15 23499656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2014-03-04 3574576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_LENOVO_DOLBYDRAGON]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svchost.exe]
C:\Users\Jerry Oak\AppData\Local\Temp\svchost.exe [2015-11-20 7085056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Jerry Oak\AppData\Roaming\uTorrent\utorrent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2009-11-11 167008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.pDAD"=prodad-codec.dll
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2016-02-07 11:00:59 ----D---- C:\rsit
2016-02-07 11:00:59 ----D---- C:\Program Files\trend micro
2016-02-07 10:04:52 ----A---- C:\Windows\ntbtlog.txt
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2016-02-06 12:41:48 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2016-02-05 18:18:47 ----D---- C:\AdwCleaner
2016-02-01 20:01:39 ----D---- C:\Users\Jerry Oak\AppData\Roaming\ParadoxInteractive
2016-02-01 07:46:25 ----ASH---- C:\pagefile.sys
2016-01-30 18:25:33 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-01-30 14:18:59 ----N---- C:\Windows\system32\MpSigStub.exe
2016-01-11 20:22:29 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Freelancer
2016-01-10 16:09:49 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2016-01-10 16:09:06 ----D---- C:\DirectX9.0c
2016-01-09 17:47:28 ----D---- C:\Program Files (x86)\OpenLibraries
2016-01-09 17:45:50 ----D---- C:\Program Files (x86)\mlt
2016-01-09 17:45:48 ----D---- C:\Program Files (x86)\Jahshaka
2016-01-09 17:45:48 ----D---- C:\Program Files (x86)\gtk2

======List of files/folders modified in the last 1 month======

2016-02-07 12:14:47 ----D---- C:\Windows\winsxs
2016-02-07 12:14:46 ----D---- C:\Windows\Temp
2016-02-07 12:10:26 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Skype
2016-02-07 11:52:55 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Tunngle
2016-02-07 11:38:37 ----D---- C:\Windows\Prefetch
2016-02-07 11:37:23 ----D---- C:\Windows\system32\config
2016-02-07 11:19:28 ----D---- C:\Windows\system32\catroot2
2016-02-07 11:00:59 ----RD---- C:\Program Files
2016-02-07 10:04:52 ----D---- C:\Windows
2016-02-07 09:25:27 ----D---- C:\Dreams
2016-02-07 08:19:04 ----D---- C:\TeamSpeak 3 Client
2016-02-07 08:11:19 ----D---- C:\Users\Jerry Oak\AppData\Roaming\qBittorrent
2016-02-07 07:19:45 ----RD---- C:\Program Files (x86)
2016-02-07 07:14:26 ----D---- C:\ProgramData\Tunngle
2016-02-07 02:21:51 ----SHD---- C:\System Volume Information
2016-02-06 22:45:02 ----D---- C:\Users\Jerry Oak\AppData\Roaming\AIMP3
2016-02-06 17:43:53 ----SHD---- C:\Windows\Installer
2016-02-06 17:05:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-06 14:30:38 ----D---- C:\Windows\SysWOW64
2016-02-06 13:49:09 ----D---- C:\Users\Jerry Oak\AppData\Roaming\vlc
2016-02-05 19:23:11 ----HD---- C:\ProgramData
2016-02-05 07:42:56 ----D---- C:\Program Files (x86)\Steam
2016-02-05 07:17:28 ----D---- C:\Windows\System32
2016-02-05 07:17:28 ----D---- C:\Windows\inf
2016-02-05 07:17:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-04 20:45:22 ----D---- C:\Windows\Minidump
2016-02-02 22:12:46 ----D---- C:\ProgramData\Package Cache
2016-02-01 22:51:27 ----D---- C:\Windows\Tasks
2016-01-30 18:25:54 ----RSD---- C:\Windows\assembly
2016-01-30 12:04:11 ----D---- C:\ProgramData\Avira
2016-01-30 12:04:06 ----D---- C:\Windows\system32\drivers
2016-01-28 19:43:18 ----D---- C:\ProgramData\Steam
2016-01-28 18:54:38 ----HD---- C:\Windows\msdownld.tmp
2016-01-28 18:54:35 ----D---- C:\Windows\SYSWOW64\directx
2016-01-26 23:06:59 ----D---- C:\Users\Jerry Oak\AppData\Roaming\.minecraft
2016-01-26 18:05:14 ----D---- C:\ProgramData\Oracle
2016-01-26 18:01:20 ----D---- C:\Program Files\Java
2016-01-26 18:00:52 ----D---- C:\Program Files (x86)\Common Files
2016-01-26 17:59:58 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-01-18 22:10:57 ----D---- C:\Program Files (x86)\BYOND
2016-01-16 23:26:26 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Audacity
2016-01-11 23:23:44 ----RSD---- C:\Windows\Fonts
2016-01-11 06:42:03 ----RD---- C:\Program Files (x86)\Skype
2016-01-11 06:41:52 ----D---- C:\ProgramData\Skype
2016-01-10 16:09:51 ----D---- C:\Program Files (x86)\OpenAL
2016-01-10 16:09:51 ----A---- C:\Windows\system32\wrap_oal.dll
2016-01-10 16:09:51 ----A---- C:\Windows\system32\OpenAL32.dll
2016-01-10 16:09:49 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2016-01-09 17:43:25 ----D---- C:\ProgramData\SUPPORTDIR
2016-01-09 17:43:19 ----D---- C:\Program Files (x86)\CyberLink
2016-01-09 17:28:47 ----D---- C:\Program Files\CyberLink
2016-01-08 22:09:22 ----D---- C:\ProgramData\firebird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-09-14 31352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-03 283064]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 ScpVBus;Scp Virtual Bus Driver; C:\Windows\system32\DRIVERS\ScpVBus.sys [2013-05-05 39168]
R3 SmbDrvIntel;SmbDrvIntel; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-04-18 27408]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-18 428304]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2015-10-14 30816]
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2014-03-05 296240]
S3 HDJMidi;DJ Control MP3 e2 MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2014-03-05 276272]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HerculesDJControlMP3;Hercules DJ Control MP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2014-03-04 50688]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-09-13 937776]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2014-08-13 96272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-27 136048]
S2 Ds3Service;SCP DS3 Service; C:\Dreams\Project.Zomboid.Build.32.30\ScpServer\bin\ScpService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-18 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-27 136048]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-02-04 182304]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-10-27 809424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-05 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 8277728]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 467680]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing after 10 minutes

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezing after 10 minutes

#3 Post by yardafreeman »

I should add that when I use mbam it takes hours, because the computer then runs at a snail's pace. It finished once and found phoenix.exe, bitool.dll twice, and svchost.exe, which it removed, but the problem came back after a few hours.

# AdwCleaner v5.033 - Logfile created 07/02/2016 at 23:57:42
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jerry Oak - OBSCENE
# Running from : C:\Users\Jerry Oak\Desktop\adwcleaner_5.033.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [595 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing after 10 minutes

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jerry Oak\AppData\Local\Temp\svchost.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svchost.exe]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezing after 10 minutes

#5 Post by yardafreeman »

OTM has been running non-stop since yesterday evening, through the night, and it is still working on the temporary files under my nickname. The HDD keeps crunching and a green progress bar appears at the bottom of the program from time to time. Should I let it keep working? Isn't it stuck? BTW the computer is slowed down, as I mentioned, so its processing speed is certainly affected too. Is there any way to speed it up? If not, I'll happily leave it on for a week, just to get rid of that ******* *****.

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezing after 10 minutes

#6 Post by yardafreeman »

It's been almost 24 hours now. Is this OK? Shouldn't I perhaps run it again in safe mode?

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing after 10 minutes

#7 Post by Rudy »

Run it again in safe mode. It may be faster. You probably have full temporary directories in the Jerry Oak profile.

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezing after 10 minutes

#8 Post by yardafreeman »

It was faster :D

Here is the RSIT log. We'll see how the computer does from here. Do your eagle eyes see anything else in there?

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jerry Oak at 2016-02-09 18:59:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (13%) free of 280 GB
Total RAM: 3941 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:41, on 9.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jerry Oak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: SCP DS3 Service (Ds3Service) - Unknown owner - C:\Dreams\Project.Zomboid.Build.32.30\ScpServer\bin\ScpService.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules® - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 7756 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 24823344
\??\C:\Windows\system32\conhost.exe "-763152021-178432594-6417389491966607707192763693468605614-995385401-1110627125
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
taskeng.exe {D9E3B2AF-CE95-4580-A4AB-53FF9ED37004}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-564df5a8-b00e-45f7-90e6-88e32d3b64b3 -SystemEventPortName:HostProcess-f8d30329-f7f3-4308-8dd6-91666354eff5 -IoCancelEventPortName:HostProcess-b693171c-4b7b-474b-bc57-b8b35f3db727 -NonStateChangingEventPortName:HostProcess-97af33db-c4ee-4099-b507-1a4b3b10d0df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:45d13a98-1554-4fa9-b2b5-37bde90d78f1 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4632.0.1094826215\784697826" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4632.2.1010059093\1883967822" 
--font-cache-shared-handle=2068 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4632.3.269067514\709417148" 
--font-cache-shared-handle=2088 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4632.4.1126800032\210593716" 
--font-cache-shared-handle=3964 /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PageRevisitInstrumentation/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4632.5.96814096\1692469227" --font-cache-shared-handle=4760 /prefetch:673131151
C:\Windows\system32\sppsvc.exe
"C:\Users\Jerry Oak\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-26 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-26 212576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-18 2899216]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-04-18 410896]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CNAP2 Launcher]
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-01-15 23499656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2014-03-04 3574576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_LENOVO_DOLBYDRAGON]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Jerry Oak\AppData\Roaming\uTorrent\utorrent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2009-11-11 167008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.pDAD"=prodad-codec.dll
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2016-02-08 18:55:38 ----D---- C:\_OTM
2016-02-08 08:33:28 ----SHD---- C:\Config.Msi
2016-02-08 08:29:38 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-08 08:29:38 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-08 08:25:22 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2016-02-08 08:19:38 ----A---- C:\Windows\system32\invagent.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\generaltel.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\devinv.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\appraiser.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\aeinv.dll
2016-02-08 08:19:37 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-08 08:19:37 ----A---- C:\Windows\system32\acmigration.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wups2.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wups.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wudriver.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wucltux.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuapp.exe
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuapi.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-08 08:19:25 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-02-08 08:18:32 ----A---- C:\Windows\system32\nlsbres.dll
2016-02-08 08:18:32 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-02-08 08:18:32 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-02-08 08:18:32 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-02-08 08:18:17 ----A---- C:\Windows\system32\shell32.dll
2016-02-08 08:18:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-08 08:18:16 ----A---- C:\Windows\explorer.exe
2016-02-08 08:18:15 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-08 08:18:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-08 08:18:15 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-08 08:18:15 ----A---- C:\Windows\system32\authui.dll
2016-02-08 08:18:14 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-07 22:48:16 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-07 22:48:15 ----D---- C:\Users\Jerry Oak\AppData\Roaming\SUPERAntiSpyware.com
2016-02-07 22:48:06 ----D---- C:\Program Files\Microsoft Security Client
2016-02-07 22:37:24 ----D---- C:\Program Files\SUPERAntiSpyware
2016-02-07 22:37:19 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2016-02-07 22:36:27 ----D---- C:\ProgramData\SUPERSetup
2016-02-07 13:45:26 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-07 13:45:00 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-02-07 13:45:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-07 13:45:00 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-02-07 13:44:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-07 13:44:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-07 13:44:49 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2016-02-07 11:51:28 ----A---- C:\Windows\system32\DWrite.dll
2016-02-07 11:51:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-02-07 11:51:26 ----A---- C:\Windows\system32\FntCache.dll
2016-02-07 11:51:25 ----A---- C:\Windows\system32\user32.dll
2016-02-07 11:51:17 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-02-07 11:51:12 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-02-07 11:51:11 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-02-07 11:51:11 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-02-07 11:51:11 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-02-07 11:51:10 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-02-07 11:51:10 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-02-07 11:51:09 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-07 11:51:08 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-02-07 11:51:08 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-02-07 11:51:08 ----A---- C:\Windows\system32\mf.dll
2016-02-07 11:51:06 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-07 11:51:05 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-02-07 11:51:04 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-02-07 11:51:03 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-02-07 11:51:03 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-02-07 11:51:02 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-02-07 11:51:02 ----A---- C:\Windows\system32\wmpmde.dll
2016-02-07 11:51:02 ----A---- C:\Windows\system32\quartz.dll
2016-02-07 11:51:02 ----A---- C:\Windows\system32\mcmde.dll
2016-02-07 11:51:01 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-02-07 11:51:01 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-02-07 11:51:01 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-02-07 11:51:01 ----A---- C:\Windows\system32\evr.dll
2016-02-07 11:51:01 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-02-07 11:51:00 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-02-07 11:50:59 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-07 11:50:59 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\mfplat.dll
2016-02-07 11:50:59 ----A---- C:\Windows\system32\devenum.dll
2016-02-07 11:50:58 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-02-07 11:50:58 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-02-07 11:50:58 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-02-07 11:50:58 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-02-07 11:50:57 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-02-07 11:50:57 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-07 11:50:56 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-02-07 11:50:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-02-07 11:50:54 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-02-07 11:50:54 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-02-07 11:50:54 ----A---- C:\Windows\system32\SysFxUI.dll
2016-02-07 11:50:54 ----A---- C:\Windows\system32\qdvd.dll
2016-02-07 11:50:54 ----A---- C:\Windows\system32\qasf.dll
2016-02-07 11:50:53 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-02-07 11:50:53 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-07 11:50:53 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-02-07 11:50:52 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-02-07 11:50:52 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-02-07 11:50:52 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-02-07 11:50:52 ----A---- C:\Windows\system32\rrinstaller.exe
2016-02-07 11:50:52 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-02-07 11:50:52 ----A---- C:\Windows\system32\mfps.dll
2016-02-07 11:50:51 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-02-07 11:50:51 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-02-07 11:50:51 ----A---- C:\Windows\system32\mfpmp.exe
2016-02-07 11:50:51 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-02-07 11:50:50 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-02-07 11:50:50 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-02-07 11:50:50 ----A---- C:\Windows\system32\mferror.dll
2016-02-07 11:50:50 ----A---- C:\Windows\system32\ksuser.dll
2016-02-07 11:50:50 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-02-07 11:50:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-02-07 11:50:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-07 11:50:38 ----A---- C:\Windows\system32\iertutil.dll
2016-02-07 11:50:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-07 11:50:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-07 11:50:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-07 11:50:37 ----A---- C:\Windows\system32\iernonce.dll
2016-02-07 11:50:37 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-07 11:50:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\occache.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-07 11:50:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-07 11:50:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-07 11:50:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-07 11:50:34 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-07 11:50:34 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-07 11:50:33 ----A---- C:\Windows\system32\iesetup.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-07 11:50:32 ----A---- C:\Windows\system32\vbscript.dll
2016-02-07 11:50:32 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-07 11:50:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-07 11:50:31 ----A---- C:\Windows\system32\ieui.dll
2016-02-07 11:50:31 ----A---- C:\Windows\system32\ieframe.dll
2016-02-07 11:50:31 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-07 11:50:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-07 11:50:30 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-07 11:50:30 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-07 11:50:29 ----A---- C:\Windows\system32\webcheck.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\jscript9.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\jscript.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-07 11:50:28 ----A---- C:\Windows\system32\wininet.dll
2016-02-07 11:50:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-07 11:50:27 ----A---- C:\Windows\system32\msrating.dll
2016-02-07 11:50:27 ----A---- C:\Windows\system32\mshtml.dll
2016-02-07 11:49:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-07 11:49:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-07 11:49:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-07 11:49:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-07 11:49:12 ----A---- C:\Windows\system32\schannel.dll
2016-02-07 11:49:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\kernel32.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\kerberos.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\drivers\cng.sys
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-02-07 11:49:10 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-07 11:49:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-07 11:49:10 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-02-07 11:49:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-07 11:49:07 ----A---- C:\Windows\system32\ntdll.dll
2016-02-07 11:49:06 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-07 11:49:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-07 11:49:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-07 11:49:05 ----A---- C:\Windows\system32\winsrv.dll
2016-02-07 11:49:05 ----A---- C:\Windows\system32\wdigest.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\sspicli.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\secur32.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\credssp.dll
2016-02-07 11:49:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-07 11:49:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\wow64win.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\srcore.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\smss.exe
2016-02-07 11:49:03 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\lsass.exe
2016-02-07 11:49:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-07 11:49:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-07 11:49:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\wow64.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-07 11:49:02 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\conhost.exe
2016-02-07 11:49:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-07 11:49:01 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-07 11:49:01 ----A---- C:\Windows\system32\srclient.dll
2016-02-07 11:49:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-07 11:49:00 ----A---- C:\Windows\system32\rstrui.exe
2016-02-07 11:48:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-07 11:48:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-07 11:48:59 ----A---- C:\Windows\system32\auditpol.exe
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-07 11:48:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-07 11:48:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-07 11:48:58 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-07 11:48:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-07 11:48:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-07 11:48:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-07 11:48:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-07 11:48:55 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-07 11:48:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-07 11:48:55 ----A---- C:\Windows\system32\adtschema.dll
2016-02-07 11:48:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-07 11:48:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-07 11:48:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-07 11:48:53 ----A---- C:\Windows\system32\msobjs.dll
2016-02-07 11:46:45 ----A---- C:\Windows\system32\win32k.sys
2016-02-07 11:22:30 ----A---- C:\Windows\system32\aepic.dll
2016-02-07 11:21:17 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-02-07 11:21:17 ----A---- C:\Windows\system32\qedit.dll
2016-02-07 11:21:16 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-02-07 11:21:16 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-02-07 11:21:16 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-02-07 11:21:16 ----A---- C:\Windows\system32\mapistub.dll
2016-02-07 11:21:16 ----A---- C:\Windows\system32\mapi32.dll
2016-02-07 11:21:16 ----A---- C:\Windows\system32\fixmapi.exe
2016-02-07 11:21:08 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-07 11:21:08 ----A---- C:\Windows\system32\InkEd.dll
2016-02-07 11:21:07 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-07 11:21:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-02-07 11:21:02 ----A---- C:\Windows\system32\tzres.dll
2016-02-07 11:20:53 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-02-07 11:20:53 ----A---- C:\Windows\system32\gdi32.dll
2016-02-07 11:20:52 ----A---- C:\Windows\SYSWOW64\els.dll
2016-02-07 11:20:52 ----A---- C:\Windows\system32\els.dll
2016-02-07 11:20:49 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2016-02-07 11:20:49 ----A---- C:\Windows\system32\apphelp.dll
2016-02-07 11:20:48 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2016-02-07 11:20:48 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-02-07 11:20:48 ----A---- C:\Windows\system32\shimeng.dll
2016-02-07 11:20:48 ----A---- C:\Windows\system32\sdbinst.exe
2016-02-07 11:20:48 ----A---- C:\Windows\system32\aelupsvc.dll
2016-02-07 11:20:46 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-02-07 11:20:46 ----A---- C:\Windows\system32\drivers\afd.sys
2016-02-07 11:20:42 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-02-07 11:20:42 ----A---- C:\Windows\system32\usp10.dll
2016-02-07 11:20:40 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-07 11:20:40 ----A---- C:\Windows\system32\advapi32.dll
2016-02-07 11:20:39 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-02-07 11:20:39 ----A---- C:\Windows\system32\wshrm.dll
2016-02-07 11:20:39 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-02-07 11:20:37 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-02-07 11:20:36 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-02-07 11:20:36 ----A---- C:\Windows\system32\comsvcs.dll
2016-02-07 11:20:36 ----A---- C:\Windows\system32\catsrvut.dll
2016-02-07 11:20:35 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-02-07 11:00:59 ----D---- C:\rsit
2016-02-07 11:00:59 ----D---- C:\Program Files\trend micro
2016-02-07 10:04:52 ----A---- C:\Windows\ntbtlog.txt
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2016-02-06 12:41:48 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2016-02-05 18:18:47 ----D---- C:\AdwCleaner
2016-02-01 20:01:39 ----D---- C:\Users\Jerry Oak\AppData\Roaming\ParadoxInteractive
2016-02-01 07:46:25 ----ASH---- C:\pagefile.sys
2016-01-30 18:25:33 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-01-30 14:18:59 ----N---- C:\Windows\system32\MpSigStub.exe
2016-01-11 20:22:29 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Freelancer
2016-01-10 16:09:49 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2016-01-10 16:09:06 ----D---- C:\DirectX9.0c

======List of files/folders modified in the last 1 month======

2016-02-09 18:59:32 ----D---- C:\Windows\Temp
2016-02-09 18:54:30 ----D---- C:\Windows\SysWOW64
2016-02-09 18:54:30 ----D---- C:\Windows
2016-02-09 18:50:40 ----D---- C:\Users\Jerry Oak\AppData\Roaming\AIMP3
2016-02-09 18:47:41 ----D---- C:\Windows\System32
2016-02-09 18:47:41 ----D---- C:\Windows\inf
2016-02-09 18:47:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-09 18:34:07 ----D---- C:\Windows\system32\config
2016-02-08 23:56:10 ----D---- C:\Windows\Microsoft.NET
2016-02-08 20:16:32 ----D---- C:\Windows\winsxs
2016-02-08 18:55:40 ----D---- C:\Windows\Tasks
2016-02-08 17:32:43 ----RSD---- C:\Windows\assembly
2016-02-08 09:52:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-08 09:52:15 ----D---- C:\Windows\system32\cs-CZ
2016-02-08 09:52:14 ----SD---- C:\Windows\system32\CompatTel
2016-02-08 09:52:14 ----D---- C:\Windows\system32\appraiser
2016-02-08 09:52:14 ----D---- C:\Windows\AppPatch
2016-02-08 09:52:13 ----D---- C:\Windows\system32\drivers
2016-02-08 09:52:13 ----D---- C:\Windows\ehome
2016-02-08 09:52:09 ----RSD---- C:\Windows\Fonts
2016-02-08 09:52:09 ----D---- C:\Windows\cs-CZ
2016-02-08 09:52:08 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-08 09:52:08 ----D---- C:\Program Files\Internet Explorer
2016-02-08 09:52:07 ----D---- C:\Windows\system32\en-US
2016-02-08 09:52:07 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-08 09:52:06 ----D---- C:\Windows\system32\migration
2016-02-08 09:52:06 ----D---- C:\Program Files\Windows Journal
2016-02-08 09:51:51 ----D---- C:\Windows\system32\DriverStore
2016-02-08 09:16:35 ----SHD---- C:\Windows\Installer
2016-02-08 09:06:26 ----D---- C:\Windows\system32\MRT
2016-02-08 09:06:17 ----A---- C:\Windows\system32\MRT.exe
2016-02-08 08:58:02 ----RD---- C:\Program Files (x86)
2016-02-08 08:34:13 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-08 08:31:08 ----ASD---- C:\ProgramData\Microsoft
2016-02-08 08:29:38 ----RD---- C:\Program Files
2016-02-08 08:21:06 ----D---- C:\Windows\system32\catroot2
2016-02-08 08:20:32 ----SHD---- C:\System Volume Information
2016-02-07 22:37:21 ----HD---- C:\ProgramData
2016-02-07 22:33:12 ----D---- C:\Windows\Prefetch
2016-02-07 21:18:36 ----D---- C:\Program Files (x86)\Steam
2016-02-07 21:16:58 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Skype
2016-02-07 20:59:28 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Tunngle
2016-02-07 17:59:19 ----D---- C:\Windows\system32\Tasks
2016-02-07 17:59:05 ----D---- C:\ProgramData\Skype
2016-02-07 14:19:51 ----D---- C:\Program Files (x86)\TeamViewer
2016-02-07 13:47:10 ----D---- C:\Windows\system32\drivers\etc
2016-02-07 12:58:05 ----D---- C:\Dreams
2016-02-07 08:19:04 ----D---- C:\TeamSpeak 3 Client
2016-02-07 08:11:19 ----D---- C:\Users\Jerry Oak\AppData\Roaming\qBittorrent
2016-02-07 07:14:26 ----D---- C:\ProgramData\Tunngle
2016-02-06 17:05:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-06 13:49:09 ----D---- C:\Users\Jerry Oak\AppData\Roaming\vlc
2016-02-04 20:45:22 ----D---- C:\Windows\Minidump
2016-02-02 22:12:46 ----D---- C:\ProgramData\Package Cache
2016-01-30 12:04:11 ----D---- C:\ProgramData\Avira
2016-01-28 19:43:18 ----D---- C:\ProgramData\Steam
2016-01-28 18:54:35 ----D---- C:\Windows\SYSWOW64\directx
2016-01-26 23:06:59 ----D---- C:\Users\Jerry Oak\AppData\Roaming\.minecraft
2016-01-26 18:05:14 ----D---- C:\ProgramData\Oracle
2016-01-26 18:01:20 ----D---- C:\Program Files\Java
2016-01-26 18:00:52 ----D---- C:\Program Files (x86)\Common Files
2016-01-26 17:59:58 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-01-18 22:10:57 ----D---- C:\Program Files (x86)\BYOND
2016-01-16 23:26:26 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Audacity
2016-01-11 06:42:03 ----RD---- C:\Program Files (x86)\Skype
2016-01-10 16:09:51 ----D---- C:\Program Files (x86)\OpenAL
2016-01-10 16:09:51 ----A---- C:\Windows\system32\wrap_oal.dll
2016-01-10 16:09:51 ----A---- C:\Windows\system32\OpenAL32.dll
2016-01-10 16:09:49 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-09-14 31352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-03 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 ScpVBus;Scp Virtual Bus Driver; C:\Windows\system32\DRIVERS\ScpVBus.sys [2013-05-05 39168]
R3 SmbDrvIntel;SmbDrvIntel; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-04-18 27408]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-18 428304]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2015-10-14 30816]
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2014-03-05 296240]
S3 HDJMidi;DJ Control MP3 e2 MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2014-03-05 276272]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HerculesDJControlMP3;Hercules DJ Control MP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2014-03-04 50688]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-09-13 937776]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2014-08-13 96272]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-27 136048]
S2 Ds3Service;SCP DS3 Service; C:\Dreams\Project.Zomboid.Build.32.30\ScpServer\bin\ScpService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-18 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-27 136048]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-02-04 182304]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-12-12 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-10-27 809424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-05 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 8277728]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 467680]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezes after 10 minutes

#9 Post by yardafreeman »

To add: the problem persists.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezes after 10 minutes

#10 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezes after 10 minutes

#11 Post by yardafreeman »

Still hell :cry:


Logfile of random's system information tool 1.10 (written by random/random)
Run by Jerry Oak at 2016-02-10 17:39:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (13%) free of 280 GB
Total RAM: 3941 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:43:25, on 10.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jerry Oak.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: SCP DS3 Service (Ds3Service) - Unknown owner - C:\Dreams\Project.Zomboid.Build.32.30\ScpServer\bin\ScpService.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules® - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 7696 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 26572816
\??\C:\Windows\system32\conhost.exe "-10978918801905366626-1045735201-12258066091563787150-1363846742911199452-582851837
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {34DF4A92-CE6A-4C63-99EF-44D3E092D7A1}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-34737b60-3517-49d0-91b7-71b19cfc6797 -SystemEventPortName:HostProcess-24ce0866-a982-44c3-ad66-eb77ab6b9486 -IoCancelEventPortName:HostProcess-8c5b26fb-803e-471c-9dab-eb48b5ec41bd -NonStateChangingEventPortName:HostProcess-1136c1e0-d4ff-4c11-9e39-443d0c981dd8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0d3797d6-3db3-4d81-8926-da0973b019c6 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Users\Jerry Oak\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2884.0.1848700825\217246839" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-26 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-26 212576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-18 2899216]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-04-18 410896]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CNAP2 Launcher]
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-01-15 23499656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [2014-03-04 3574576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_LENOVO_DOLBYDRAGON]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Jerry Oak\AppData\Roaming\uTorrent\utorrent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2009-11-11 167008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.pDAD"=prodad-codec.dll
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2016-02-08 18:55:38 ----D---- C:\_OTM
2016-02-08 08:33:28 ----SHD---- C:\Config.Msi
2016-02-08 08:29:38 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-08 08:29:38 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-08 08:25:22 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2016-02-08 08:19:38 ----A---- C:\Windows\system32\invagent.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\generaltel.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\devinv.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\appraiser.dll
2016-02-08 08:19:38 ----A---- C:\Windows\system32\aeinv.dll
2016-02-08 08:19:37 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-08 08:19:37 ----A---- C:\Windows\system32\acmigration.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-08 08:19:26 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wups2.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wups.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wudriver.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wucltux.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuapp.exe
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wuapi.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-08 08:19:26 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-08 08:19:25 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-02-08 08:18:32 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-02-08 08:18:32 ----A---- C:\Windows\system32\nlsbres.dll
2016-02-08 08:18:32 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-02-08 08:18:32 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-02-08 08:18:32 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-02-08 08:18:17 ----A---- C:\Windows\system32\shell32.dll
2016-02-08 08:18:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-08 08:18:16 ----A---- C:\Windows\explorer.exe
2016-02-08 08:18:15 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-08 08:18:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-08 08:18:15 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-08 08:18:15 ----A---- C:\Windows\system32\authui.dll
2016-02-08 08:18:14 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-07 22:48:16 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-07 22:48:15 ----D---- C:\Users\Jerry Oak\AppData\Roaming\SUPERAntiSpyware.com
2016-02-07 22:48:06 ----D---- C:\Program Files\Microsoft Security Client
2016-02-07 22:37:24 ----D---- C:\Program Files\SUPERAntiSpyware
2016-02-07 22:37:19 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2016-02-07 22:36:27 ----D---- C:\ProgramData\SUPERSetup
2016-02-07 13:45:26 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-07 13:45:00 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-02-07 13:45:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-07 13:45:00 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-02-07 13:44:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-07 13:44:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-07 13:44:49 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2016-02-07 11:51:28 ----A---- C:\Windows\system32\DWrite.dll
2016-02-07 11:51:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-02-07 11:51:26 ----A---- C:\Windows\system32\FntCache.dll
2016-02-07 11:51:25 ----A---- C:\Windows\system32\user32.dll
2016-02-07 11:51:17 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-02-07 11:51:12 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-02-07 11:51:11 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-02-07 11:51:11 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-02-07 11:51:11 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-02-07 11:51:10 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-02-07 11:51:10 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-02-07 11:51:09 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-07 11:51:08 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-02-07 11:51:08 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-02-07 11:51:08 ----A---- C:\Windows\system32\mf.dll
2016-02-07 11:51:06 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-07 11:51:05 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-02-07 11:51:04 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-02-07 11:51:03 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-02-07 11:51:03 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-02-07 11:51:02 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-02-07 11:51:02 ----A---- C:\Windows\system32\wmpmde.dll
2016-02-07 11:51:02 ----A---- C:\Windows\system32\quartz.dll
2016-02-07 11:51:02 ----A---- C:\Windows\system32\mcmde.dll
2016-02-07 11:51:01 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-02-07 11:51:01 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-02-07 11:51:01 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-02-07 11:51:01 ----A---- C:\Windows\system32\evr.dll
2016-02-07 11:51:01 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-02-07 11:51:00 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-02-07 11:51:00 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-02-07 11:51:00 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-02-07 11:50:59 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-07 11:50:59 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-02-07 11:50:59 ----A---- C:\Windows\system32\mfplat.dll
2016-02-07 11:50:59 ----A---- C:\Windows\system32\devenum.dll
2016-02-07 11:50:58 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-02-07 11:50:58 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-02-07 11:50:58 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-02-07 11:50:58 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-02-07 11:50:57 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-02-07 11:50:57 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-07 11:50:56 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-02-07 11:50:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-02-07 11:50:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-02-07 11:50:54 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-02-07 11:50:54 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-02-07 11:50:54 ----A---- C:\Windows\system32\SysFxUI.dll
2016-02-07 11:50:54 ----A---- C:\Windows\system32\qdvd.dll
2016-02-07 11:50:54 ----A---- C:\Windows\system32\qasf.dll
2016-02-07 11:50:53 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-02-07 11:50:53 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-07 11:50:53 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-02-07 11:50:52 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-02-07 11:50:52 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-02-07 11:50:52 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-02-07 11:50:52 ----A---- C:\Windows\system32\rrinstaller.exe
2016-02-07 11:50:52 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-02-07 11:50:52 ----A---- C:\Windows\system32\mfps.dll
2016-02-07 11:50:51 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-02-07 11:50:51 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-02-07 11:50:51 ----A---- C:\Windows\system32\mfpmp.exe
2016-02-07 11:50:51 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-02-07 11:50:50 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-02-07 11:50:50 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-02-07 11:50:50 ----A---- C:\Windows\system32\mferror.dll
2016-02-07 11:50:50 ----A---- C:\Windows\system32\ksuser.dll
2016-02-07 11:50:50 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-02-07 11:50:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-02-07 11:50:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-07 11:50:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-07 11:50:38 ----A---- C:\Windows\system32\iertutil.dll
2016-02-07 11:50:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-07 11:50:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-07 11:50:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-07 11:50:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-07 11:50:37 ----A---- C:\Windows\system32\iernonce.dll
2016-02-07 11:50:37 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-07 11:50:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-07 11:50:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\occache.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-07 11:50:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-07 11:50:35 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-07 11:50:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-07 11:50:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-07 11:50:34 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-07 11:50:34 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-07 11:50:33 ----A---- C:\Windows\system32\iesetup.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-07 11:50:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-07 11:50:32 ----A---- C:\Windows\system32\vbscript.dll
2016-02-07 11:50:32 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-07 11:50:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-07 11:50:31 ----A---- C:\Windows\system32\ieui.dll
2016-02-07 11:50:31 ----A---- C:\Windows\system32\ieframe.dll
2016-02-07 11:50:31 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-07 11:50:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-07 11:50:30 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-07 11:50:30 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-07 11:50:29 ----A---- C:\Windows\system32\webcheck.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\jscript9.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\jscript.dll
2016-02-07 11:50:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-07 11:50:28 ----A---- C:\Windows\system32\wininet.dll
2016-02-07 11:50:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-07 11:50:27 ----A---- C:\Windows\system32\msrating.dll
2016-02-07 11:50:27 ----A---- C:\Windows\system32\mshtml.dll
2016-02-07 11:49:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-07 11:49:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-07 11:49:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-07 11:49:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-07 11:49:12 ----A---- C:\Windows\system32\schannel.dll
2016-02-07 11:49:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\kernel32.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\kerberos.dll
2016-02-07 11:49:11 ----A---- C:\Windows\system32\drivers\cng.sys
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-07 11:49:10 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-02-07 11:49:10 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-07 11:49:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-07 11:49:10 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-02-07 11:49:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-07 11:49:07 ----A---- C:\Windows\system32\ntdll.dll
2016-02-07 11:49:06 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-07 11:49:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-07 11:49:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-07 11:49:05 ----A---- C:\Windows\system32\winsrv.dll
2016-02-07 11:49:05 ----A---- C:\Windows\system32\wdigest.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-07 11:49:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\sspicli.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\secur32.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-07 11:49:04 ----A---- C:\Windows\system32\credssp.dll
2016-02-07 11:49:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-07 11:49:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\wow64win.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\srcore.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\smss.exe
2016-02-07 11:49:03 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-07 11:49:03 ----A---- C:\Windows\system32\lsass.exe
2016-02-07 11:49:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-07 11:49:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-07 11:49:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\wow64.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-07 11:49:02 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-07 11:49:02 ----A---- C:\Windows\system32\conhost.exe
2016-02-07 11:49:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-07 11:49:01 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-07 11:49:01 ----A---- C:\Windows\system32\srclient.dll
2016-02-07 11:49:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-07 11:49:00 ----A---- C:\Windows\system32\rstrui.exe
2016-02-07 11:48:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-07 11:48:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-07 11:48:59 ----A---- C:\Windows\system32\auditpol.exe
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-07 11:48:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-07 11:48:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-07 11:48:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-07 11:48:58 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-07 11:48:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-07 11:48:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-07 11:48:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-07 11:48:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-07 11:48:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-07 11:48:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-07 11:48:55 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-07 11:48:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-07 11:48:55 ----A---- C:\Windows\system32\adtschema.dll
2016-02-07 11:48:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-07 11:48:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-07 11:48:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-07 11:48:53 ----A---- C:\Windows\system32\msobjs.dll
2016-02-07 11:46:45 ----A---- C:\Windows\system32\win32k.sys
2016-02-07 11:22:30 ----A---- C:\Windows\system32\aepic.dll
2016-02-07 11:21:17 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-02-07 11:21:17 ----A---- C:\Windows\system32\qedit.dll
2016-02-07 11:21:16 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-02-07 11:21:16 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-02-07 11:21:16 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-02-07 11:21:16 ----A---- C:\Windows\system32\mapistub.dll
2016-02-07 11:21:16 ----A---- C:\Windows\system32\mapi32.dll
2016-02-07 11:21:16 ----A---- C:\Windows\system32\fixmapi.exe
2016-02-07 11:21:08 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-07 11:21:08 ----A---- C:\Windows\system32\InkEd.dll
2016-02-07 11:21:07 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-07 11:21:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-02-07 11:21:02 ----A---- C:\Windows\system32\tzres.dll
2016-02-07 11:20:53 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-02-07 11:20:53 ----A---- C:\Windows\system32\gdi32.dll
2016-02-07 11:20:52 ----A---- C:\Windows\SYSWOW64\els.dll
2016-02-07 11:20:52 ----A---- C:\Windows\system32\els.dll
2016-02-07 11:20:49 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2016-02-07 11:20:49 ----A---- C:\Windows\system32\apphelp.dll
2016-02-07 11:20:48 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2016-02-07 11:20:48 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-02-07 11:20:48 ----A---- C:\Windows\system32\shimeng.dll
2016-02-07 11:20:48 ----A---- C:\Windows\system32\sdbinst.exe
2016-02-07 11:20:48 ----A---- C:\Windows\system32\aelupsvc.dll
2016-02-07 11:20:46 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-02-07 11:20:46 ----A---- C:\Windows\system32\drivers\afd.sys
2016-02-07 11:20:42 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-02-07 11:20:42 ----A---- C:\Windows\system32\usp10.dll
2016-02-07 11:20:40 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-07 11:20:40 ----A---- C:\Windows\system32\advapi32.dll
2016-02-07 11:20:39 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-02-07 11:20:39 ----A---- C:\Windows\system32\wshrm.dll
2016-02-07 11:20:39 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-02-07 11:20:37 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-02-07 11:20:36 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-02-07 11:20:36 ----A---- C:\Windows\system32\comsvcs.dll
2016-02-07 11:20:36 ----A---- C:\Windows\system32\catsrvut.dll
2016-02-07 11:20:35 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-02-07 11:00:59 ----D---- C:\rsit
2016-02-07 11:00:59 ----D---- C:\Program Files\trend micro
2016-02-07 10:04:52 ----A---- C:\Windows\ntbtlog.txt
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2016-02-06 14:30:38 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2016-02-06 12:41:48 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2016-02-05 18:18:47 ----D---- C:\AdwCleaner
2016-02-01 20:01:39 ----D---- C:\Users\Jerry Oak\AppData\Roaming\ParadoxInteractive
2016-02-01 07:46:25 ----ASH---- C:\pagefile.sys
2016-01-30 18:25:33 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-01-30 14:18:59 ----N---- C:\Windows\system32\MpSigStub.exe
2016-01-11 20:22:29 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Freelancer

======List of files/folders modified in the last 1 month======

2016-02-10 17:40:13 ----D---- C:\Windows\Temp
2016-02-10 12:32:54 ----D---- C:\Windows\System32
2016-02-10 12:32:54 ----D---- C:\Windows\inf
2016-02-10 12:32:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-10 12:30:12 ----D---- C:\Windows\system32\config
2016-02-10 12:24:33 ----D---- C:\Windows\Tasks
2016-02-09 22:47:56 ----D---- C:\Users\Jerry Oak\AppData\Roaming\AIMP3
2016-02-09 18:54:30 ----D---- C:\Windows\SysWOW64
2016-02-09 18:54:30 ----D---- C:\Windows
2016-02-08 23:56:10 ----D---- C:\Windows\Microsoft.NET
2016-02-08 20:16:32 ----D---- C:\Windows\winsxs
2016-02-08 17:32:43 ----RSD---- C:\Windows\assembly
2016-02-08 09:52:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-08 09:52:15 ----D---- C:\Windows\system32\cs-CZ
2016-02-08 09:52:14 ----SD---- C:\Windows\system32\CompatTel
2016-02-08 09:52:14 ----D---- C:\Windows\system32\appraiser
2016-02-08 09:52:14 ----D---- C:\Windows\AppPatch
2016-02-08 09:52:13 ----D---- C:\Windows\system32\drivers
2016-02-08 09:52:13 ----D---- C:\Windows\ehome
2016-02-08 09:52:09 ----RSD---- C:\Windows\Fonts
2016-02-08 09:52:09 ----D---- C:\Windows\cs-CZ
2016-02-08 09:52:08 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-08 09:52:08 ----D---- C:\Program Files\Internet Explorer
2016-02-08 09:52:07 ----D---- C:\Windows\system32\en-US
2016-02-08 09:52:07 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-08 09:52:06 ----D---- C:\Windows\system32\migration
2016-02-08 09:52:06 ----D---- C:\Program Files\Windows Journal
2016-02-08 09:51:51 ----D---- C:\Windows\system32\DriverStore
2016-02-08 09:16:35 ----SHD---- C:\Windows\Installer
2016-02-08 09:13:11 ----D---- C:\Windows\system32\MRT
2016-02-08 09:06:17 ----A---- C:\Windows\system32\MRT.exe
2016-02-08 08:58:02 ----RD---- C:\Program Files (x86)
2016-02-08 08:34:13 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-08 08:31:08 ----ASD---- C:\ProgramData\Microsoft
2016-02-08 08:29:38 ----RD---- C:\Program Files
2016-02-08 08:21:06 ----D---- C:\Windows\system32\catroot2
2016-02-08 08:20:32 ----SHD---- C:\System Volume Information
2016-02-07 22:37:21 ----HD---- C:\ProgramData
2016-02-07 22:33:12 ----D---- C:\Windows\Prefetch
2016-02-07 21:18:36 ----D---- C:\Program Files (x86)\Steam
2016-02-07 21:16:58 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Skype
2016-02-07 20:59:28 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Tunngle
2016-02-07 17:59:19 ----D---- C:\Windows\system32\Tasks
2016-02-07 17:59:05 ----D---- C:\ProgramData\Skype
2016-02-07 14:19:51 ----D---- C:\Program Files (x86)\TeamViewer
2016-02-07 13:47:10 ----D---- C:\Windows\system32\drivers\etc
2016-02-07 12:58:05 ----D---- C:\Dreams
2016-02-07 08:19:04 ----D---- C:\TeamSpeak 3 Client
2016-02-07 08:11:19 ----D---- C:\Users\Jerry Oak\AppData\Roaming\qBittorrent
2016-02-07 07:14:26 ----D---- C:\ProgramData\Tunngle
2016-02-06 17:05:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-06 13:49:09 ----D---- C:\Users\Jerry Oak\AppData\Roaming\vlc
2016-02-04 20:45:22 ----D---- C:\Windows\Minidump
2016-02-02 22:12:46 ----D---- C:\ProgramData\Package Cache
2016-01-30 12:04:11 ----D---- C:\ProgramData\Avira
2016-01-28 19:43:18 ----D---- C:\ProgramData\Steam
2016-01-28 18:54:35 ----D---- C:\Windows\SYSWOW64\directx
2016-01-26 23:06:59 ----D---- C:\Users\Jerry Oak\AppData\Roaming\.minecraft
2016-01-26 18:05:14 ----D---- C:\ProgramData\Oracle
2016-01-26 18:01:20 ----D---- C:\Program Files\Java
2016-01-26 18:00:52 ----D---- C:\Program Files (x86)\Common Files
2016-01-26 17:59:58 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-01-18 22:10:57 ----D---- C:\Program Files (x86)\BYOND
2016-01-16 23:26:26 ----D---- C:\Users\Jerry Oak\AppData\Roaming\Audacity
2016-01-11 06:42:03 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-09-14 31352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-03 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 ScpVBus;Scp Virtual Bus Driver; C:\Windows\system32\DRIVERS\ScpVBus.sys [2013-05-05 39168]
R3 SmbDrvIntel;SmbDrvIntel; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-04-18 27408]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-18 428304]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2015-10-14 30816]
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2014-03-05 296240]
S3 HDJMidi;DJ Control MP3 e2 MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2014-03-05 276272]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HerculesDJControlMP3;Hercules DJ Control MP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2014-03-04 50688]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-09-13 937776]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2014-08-13 96272]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-27 136048]
S2 Ds3Service;SCP DS3 Service; C:\Dreams\Project.Zomboid.Build.32.30\ScpServer\bin\ScpService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-18 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-27 136048]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-02-04 182304]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-12-12 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-10-27 809424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-05 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 8277728]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 467680]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezes after 10 minutes

#12 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezes after 10 minutes

#13 Post by yardafreeman »

There has been no change on the computer.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezes after 10 minutes

#14 Post by Rudy »

Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

yardafreeman
Visitor
Posts: 19
Registered: 04 Feb 2006 19:06

Re: Laptop freezes after 10 minutes

#15 Post by yardafreeman »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.2.2016
Čas skenování: 22:00
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.02.10.06
Databáze rootkitů: v2016.02.08.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jerry Oak

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 345487
Uplynulý čas: 19 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
