
Please check my PC - Motji

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

sobtik
Visitor
Posts: 242
Registered: 01 Jan 2008 13:08
Location: Ostrava


#1 Post by sobtik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2018-06-12 21:09:15
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 20 GB (18%) free of 114 GB
Total RAM: 8155 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:09:16, on 12.6.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19003)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\WTFast\wtfast.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [USB_Speed_Up] "C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe"/mini
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKCU\..\Run: [WTFast Tray] "C:\Program Files (x86)\WTFast\wtfast.exe" trayonly
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - D:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - D:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\Windows\system32\ICEsoundService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: MSI_Driver_Service - MSI - C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe
O23 - Service: MSI Fast Boot Service (MSI_FastBoot) - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_RAMDisk_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
O23 - Service: MSI Super Charger Service (MSI_SuperCharger) - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Small Business Advantage Service (SbaService) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wtfast.Service - Unknown owner - C:\Program Files (x86)\WTFast\service\wtfast.Service.exe
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 12842 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\System32\spoolsv.exe
taskeng.exe {893D9223-0DAB-4268-9F7A-BAAC0F060F73}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
AVGUI.exe /nogui
"C:\Program Files (x86)\WTFast\wtfast.exe" trayonly
taskeng.exe {372A425E-EF75-4B4B-A360-BB4F0DFF8030}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe"
"C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw
taskeng.exe {A3A03B0C-D7A5-4AFD-BFD9-03ABAE7274CE}
"C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe" /mini
"C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe"
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\WTFast\service\wtfast.Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
WLIDSvcM.exe 3420
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1492953607-1336253751-2739172986-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1492953607-1336253751-2739172986-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"D:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-923342041-909207789184982294113385602671044145442-157756066-1308069162321993597
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Lukas\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x10de --gpu-device-id=0x1c02 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --lang=en-US --log-file="C:\Users\Lukas\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --service-request-channel-token=47F7D0B374DDEEB54CD49137FF87CD35 --mojo-platform-channel-handle=1468 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-browser-side-navigation --no-sandbox --disable-gpu-compositing --service-pipe-token=AB43D16AFA4DA4D44E31C71B2A2C5968 --lang=en-US --lang=en-US --log-file="C:\Users\Lukas\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=AB43D16AFA4DA4D44E31C71B2A2C5968 --renderer-client-id=2 --mojo-platform-channel-handle=1464 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lukas\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe /Application
C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan
C:\Windows\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw

=========Mozilla firefox=========

ProfilePath - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\5jvrnpxt.default

prefs.js - "browser.startup.homepage" - "https://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-16 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-16 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-16 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-16 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-04-08 9270216]
"AVGUI.exe"=D:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2018-05-15 291568]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-14 1841496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WTFast Tray"=C:\Program Files (x86)\WTFast\wtfast.exe [2018-05-22 7267904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-11-29 4701888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLLSuite2016]
C:\Program Files (x86)\DLL Suite\DLLSuite.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [2017-03-28 299520]
"Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [2016-11-15 831584]
"USB_Speed_Up"=C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe [2017-02-17 2394040]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2017-06-29 1015808]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2015-04-22 759120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-06-12 21:08:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2018-06-12 21:03:17 ----D---- C:\AdwCleaner
2018-06-12 21:03:16 ----A---- C:\Windows\system32\drivers\mwac.sys
2018-06-12 21:03:16 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2018-06-12 21:03:16 ----A---- C:\Windows\system32\drivers\farflt.sys
2018-06-12 21:03:07 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-06-12 21:03:01 ----A---- C:\Windows\system32\drivers\mbae64.sys
2018-06-12 21:02:57 ----D---- C:\ProgramData\Malwarebytes
2018-06-12 21:02:57 ----D---- C:\Program Files\Malwarebytes
2018-06-12 20:59:02 ----D---- C:\Program Files\trend micro
2018-06-12 20:59:01 ----D---- C:\rsit
2018-06-11 21:22:44 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2018-06-11 21:20:59 ----SHD---- C:\Config.Msi
2018-06-11 19:30:08 ----D---- C:\ProgramData\ProgeCAD
2018-06-11 19:29:06 ----D---- C:\SoliCAD
2018-06-11 16:43:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-06-10 11:47:47 ----A---- C:\Windows\system32\RtNicProp64.dll
2018-06-10 11:47:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2018-06-09 09:17:52 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvopencl.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvoglv64.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvoglshim64.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvinitx.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\NvIFR64.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvdispgenco6439811.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvdispco6439811.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvd3dumx.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvcuvid.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvcuda.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\nvcompiler.dll
2018-06-09 09:17:52 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-06-09 09:12:42 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2018-06-09 09:12:42 ----A---- C:\Windows\system32\nvspcap64.dll
2018-06-09 09:12:42 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2018-06-09 09:12:33 ----A---- C:\Windows\NvContainerRecovery.bat
2018-06-09 09:12:32 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2018-06-09 09:12:32 ----A---- C:\Windows\system32\nvaudcap64v.dll
2018-06-09 09:11:29 ----A---- C:\Windows\system32\drivers\nvvhci.sys
2018-06-08 22:57:13 ----D---- C:\Program Files\Common Files\DESIGNER
2018-06-08 16:43:09 ----D---- C:\Windows\SYSWOW64\xlive
2018-06-08 16:43:08 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-06-07 15:32:20 ----A---- C:\Windows\system32\nvhdap64.dll
2018-06-07 15:32:20 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2018-06-07 15:30:55 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2018-06-07 15:29:11 ----A---- C:\Windows\system32\NvFBC64.dll
2018-06-07 15:29:11 ----A---- C:\Windows\system32\nvdispgenco6439793.dll
2018-06-07 15:29:11 ----A---- C:\Windows\system32\nvdispco6439793.dll
2018-06-06 21:40:12 ----D---- C:\Windows\system32\appmgmt
2018-06-06 21:31:14 ----A---- C:\Windows\system32\nvdispgenco6439764.dll
2018-06-06 21:31:14 ----A---- C:\Windows\system32\nvdispco6439764.dll
2018-05-15 19:27:45 ----A---- C:\Windows\system32\drivers\iaStorF.sys
2018-05-15 19:27:31 ----A---- C:\Windows\system32\drivers\iaStorA.sys
2018-05-15 18:06:43 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2018-05-15 17:21:49 ----A---- C:\Windows\system32\avgBoot.exe

======List of files/folders modified in the last 1 month======

2018-06-12 21:09:02 ----D---- C:\Windows\Prefetch
2018-06-12 21:09:01 ----D---- C:\ProgramData\NVIDIA
2018-06-12 21:08:18 ----D---- C:\Windows\Temp
2018-06-12 21:08:17 ----D---- C:\Windows\system32\drivers
2018-06-12 21:08:11 ----HD---- C:\ProgramData
2018-06-12 21:08:09 ----D---- C:\Windows
2018-06-12 21:07:24 ----D---- C:\Windows\Tasks
2018-06-12 21:07:09 ----A---- C:\Windows\KMSEmulator.exe
2018-06-12 21:07:03 ----D---- C:\Windows\system32\Tasks
2018-06-12 21:04:12 ----D---- C:\Windows\system32\config
2018-06-12 21:04:02 ----RD---- C:\Program Files (x86)
2018-06-12 21:04:02 ----D---- C:\Program Files\Common Files
2018-06-12 21:04:02 ----D---- C:\Program Files (x86)\Common Files
2018-06-12 21:04:01 ----D---- C:\ProgramData\IObit
2018-06-12 21:04:01 ----D---- C:\Program Files (x86)\IObit
2018-06-12 21:02:57 ----RD---- C:\Program Files
2018-06-12 17:48:47 ----D---- C:\Windows\System32
2018-06-12 17:48:47 ----D---- C:\Windows\inf
2018-06-12 17:48:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-06-11 21:25:03 ----D---- C:\Windows\SysWOW64
2018-06-11 21:23:05 ----D---- C:\ProgramData\NVIDIA Corporation
2018-06-11 21:22:42 ----D---- C:\Windows\system32\DriverStore
2018-06-11 21:22:36 ----D---- C:\Program Files (x86)\VulkanRT
2018-06-11 21:21:33 ----D---- C:\Windows\system32\catroot2
2018-06-11 21:21:13 ----SHD---- C:\Windows\Installer
2018-06-11 21:21:09 ----D---- C:\ProgramData\Package Cache
2018-06-11 21:21:08 ----SHD---- C:\System Volume Information
2018-06-11 21:15:43 ----D---- C:\Users\Lukas\AppData\Roaming\uTorrent
2018-06-11 18:26:56 ----D---- C:\Users\Lukas\AppData\Roaming\vlc
2018-06-11 16:43:45 ----D---- C:\Windows\system32\Macromed
2018-06-11 16:43:44 ----D---- C:\Windows\SYSWOW64\Macromed
2018-06-10 21:44:55 ----RSD---- C:\Windows\assembly
2018-06-10 13:54:40 ----D---- C:\ProgramData\Microsoft Help
2018-06-10 13:37:37 ----D---- C:\Windows\Logs
2018-06-10 12:14:15 ----D---- C:\Windows\system32\catroot
2018-06-10 11:47:50 ----A---- C:\Windows\system32\RTNUninst64.dll
2018-06-10 11:42:57 ----D---- C:\Program Files (x86)\WTFast
2018-06-09 18:23:09 ----D---- C:\Program Files\Common Files\System
2018-06-09 18:23:09 ----A---- C:\Windows\win.ini
2018-06-09 18:19:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2018-06-09 17:43:39 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-06-09 11:52:32 ----D---- C:\ProgramData\Avg
2018-06-09 09:18:54 ----D---- C:\Windows\system32\unknown
2018-06-09 09:12:40 ----D---- C:\Program Files\NVIDIA Corporation
2018-06-09 09:10:25 ----D---- C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite
2018-06-09 09:10:25 ----D---- C:\Program Files (x86)\Steam
2018-06-09 09:10:23 ----D---- C:\Windows\debug
2018-06-09 08:58:48 ----D---- C:\Windows\Microsoft.NET
2018-06-09 08:23:22 ----D---- C:\Program Files\Mozilla Firefox
2018-06-08 22:57:44 ----D---- C:\Windows\winsxs
2018-06-08 16:43:02 ----SD---- C:\ProgramData\Microsoft
2018-06-07 15:32:20 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2018-06-06 21:39:51 ----D---- C:\Program Files (x86)\DLL Suite
2018-06-06 21:39:12 ----D---- C:\Users\Lukas\AppData\Roaming\IObit
2018-06-06 21:38:55 ----D---- C:\ProgramData\ProductData
2018-06-02 05:05:26 ----A---- C:\Windows\system32\nvwgf2umx.dll
2018-06-02 05:05:20 ----A---- C:\Windows\system32\nvumdshimx.dll
2018-06-02 05:04:48 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2018-06-02 05:04:38 ----A---- C:\Windows\system32\nvapi64.dll
2018-06-01 10:39:44 ----A---- C:\Windows\system32\nvsvc64.dll
2018-06-01 10:39:44 ----A---- C:\Windows\system32\nvcpl.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nvsvcr.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nvshext.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nvmctray.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nv3dappshextr.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nv3dappshext.dll
2018-05-20 17:30:00 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [2018-05-15 192536]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgbloga.sys [2018-05-15 336848]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [2018-05-15 50776]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2018-05-15 78352]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2018-05-15 373944]
R0 iaStorA;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\Windows\system32\DRIVERS\iaStorA.sys [2018-05-15 906720]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2018-05-15 40928]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avgArPot;avgArPot; C:\Windows\system32\drivers\avgArPot.sys [2018-05-15 189032]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [2018-05-15 220600]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [2018-05-15 103744]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2018-05-15 1020112]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2018-05-15 452904]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2018-04-26 152184]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-03-12 27552]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2011-09-14 32360]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2018-05-15 151504]
R2 avgStm;avgStm; C:\Windows\system32\drivers\avgStm.sys [2018-05-15 198368]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2016-08-24 37064]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-06-12 190696]
R2 RAMDriv;MSI RAMDrive; C:\Windows\system32\DRIVERS\ramdriv.sys [2016-03-10 86936]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-12-17 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-12-17 47672]
R3 iaLPSS2_GPIO2;Intel(R) Serial IO GPIO Driver v2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [2017-10-16 91944]
R3 iaLPSS2_I2C;Intel(R) Serial IO I2C Driver v2; C:\Windows\system32\DRIVERS\iaLPSS2_I2C.sys [2017-10-16 166184]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2017-10-16 38480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-04-08 6145480]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2017-04-11 410128]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2018-02-04 816640]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-06-12 112864]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-06-12 44768]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-06-12 253664]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-06-12 94328]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2018-05-15 214064]
R3 NTIOLib_ACTIVE_X;NTIOLib_ACTIVE_X; \??\C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [2016-04-12 13776]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2017-03-29 14288]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2012-11-26 13368]
R3 NTIOLib_OCKit_MB;NTIOLib_OCKit_MB; \??\C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys [2016-09-08 13776]
R3 NTIOLib_SuperCharger;NTIOLib_SuperCharger; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2017-03-15 14288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-06-07 227928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-06-07 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2018-06-10 1059776]
R3 sssmbus;SteelSeries SMBus Service; C:\Windows\system32\DRIVERS\sssmbus.sys [2018-03-12 32520]
S2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys []
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 31920]
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2018-05-15 39352]
S3 cpuz143;cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-03-12 131984]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2016-12-16 87696]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2017-06-16 23184]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161217.001\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161217.001\EX64.SYS []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AVG Antivirus;AVG Antivirus; D:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2018-05-15 318328]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-02-19 196200]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2017-02-19 419616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-03 6541008]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2017-02-17 58296]
R2 MSI_Driver_Service;MSI_Driver_Service; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe [2016-10-12 54880]
R2 MSI_FastBoot;MSI Fast Boot Service; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2017-04-05 111568]
R2 MSI_RAMDisk_Service;MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [2017-06-30 70608]
R2 MSI_SuperCharger;MSI Super Charger Service; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2017-04-28 174032]
R2 MSICTL_CC;MSI Command Center control Service; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2016-11-15 2014816]
R2 MSIDDR_CC;MSI Command Center DDR Service; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2016-12-05 2327648]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-01 764544]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
R2 SbaService;Intel(R) Small Business Advantage Service; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [2015-10-14 26296]
R3 avgbIDSAgent;avgbIDSAgent; D:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2018-05-15 7670672]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-16 107848]
S2 ICEsoundService;ICEsound Service; C:\Windows\system32\ICEsoundService64.exe [2018-04-08 483808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-11 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-11-29 1471168]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-16 107848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-12-16 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-04-22 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-12-05 630048]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29 177288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MSIClock_CC;MSI Command Center Clock Service; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2016-11-23 2169440]
S3 MSICOMM_CC;MSI Command Center Comm Service; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2017-01-06 2206304]
S3 MSICPU_CC;MSI Command Center CPU Service; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2016-12-14 4172896]
S3 MSISMB_CC;MSI Command Center SMBus Service; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2016-12-05 2076768]
S3 MSISuperIO_CC;MSI Command Center SuperIO Service; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2016-12-23 611936]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-11 185528]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-12-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118196
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC - Motji

#2 Post by Rudy »

Hello!
Our colleague Motji is currently pressed for time, so she has not been working with us for about a year now. You will have to make do with my advice. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sobtik
Visitor
Posts: 242
Joined: 01 Jan 2008 13:08
Location: Ostrava

Re: Please check my PC - Motji

#3 Post by sobtik »

I apologize that it took so long.
Here it is.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-15-2018
# Duration: 00:00:01
# OS: Windows 7 Ultimate
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Lukas\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14D34A8F-875D-4E27-AE67-BD0B02DAB0CC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler

***** [ Chromium (and derivatives) ] *****

Deleted AVG Web TuneUp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5065 octets] - [12/06/2018 21:03:46]
AdwCleaner[C00].txt - [4481 octets] - [12/06/2018 21:04:03]
AdwCleaner[S01].txt - [1367 octets] - [12/06/2018 21:05:58]
AdwCleaner[C01].txt - [1553 octets] - [12/06/2018 21:06:08]
AdwCleaner[S02].txt - [1499 octets] - [01/07/2018 20:45:01]
AdwCleaner[C02].txt - [1665 octets] - [01/07/2018 20:45:12]
AdwCleaner[S03].txt - [1980 octets] - [15/07/2018 11:32:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Rudy
Site Admin
Posts: 118196
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC - Motji

#4 Post by Rudy »

Post a new RSIT log.

sobtik
Visitor
Posts: 242
Joined: 01 Jan 2008 13:08
Location: Ostrava

Re: Please check my PC - Motji

#5 Post by sobtik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2018-07-15 19:02:43
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 30 GB (26%) free of 114 GB
Total RAM: 8155 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:44, on 15.7.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\WTFast\wtfast.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
D:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Lukas\AppData\Roaming\uTorrent\uninstall.exe
C:\Users\Lukas\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [USB_Speed_Up] "C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe"/mini
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKCU\..\Run: [WTFast Tray] "C:\Program Files (x86)\WTFast\wtfast.exe" trayonly
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - D:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - D:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\Windows\system32\ICEsoundService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: MSI_Driver_Service - MSI - C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe
O23 - Service: MSI Fast Boot Service (MSI_FastBoot) - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_RAMDisk_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
O23 - Service: MSI Super Charger Service (MSI_SuperCharger) - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Small Business Advantage Service (SbaService) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wtfast.Service - Unknown owner - C:\Program Files (x86)\WTFast\service\wtfast.Service.exe
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 12702 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"D:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\WTFast\wtfast.exe" trayonly
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe" /mini
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {89616682-1AB9-49F8-99E2-B3A8D2DA2C00}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
AVGUI.exe /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe"
"C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-699160823441773329-667053797-752677064146220391772570907-207080254-1431221548
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\WTFast\service\wtfast.Service.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
WLIDSvcM.exe 3884
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"D:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-browser-side-navigation --no-sandbox --disable-gpu-compositing --service-pipe-token=5122B811DAF80BF8D76BEC14409E6AFE --lang=en-US --lang=en-US --log-file="C:\Users\Lukas\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=5122B811DAF80BF8D76BEC14409E6AFE --renderer-client-id=2 --mojo-platform-channel-handle=1460 /prefetch:1
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Lukas\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x10de --gpu-device-id=0x1c02 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --lang=en-US --log-file="C:\Users\Lukas\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --service-request-channel-token=DC213A7E53144436CE21FD942EA2E06F --mojo-platform-channel-handle=1468 /prefetch:2
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
"C:\Users\Lukas\AppData\Roaming\uTorrent\uninstall.exe" backup
utorrent.exe
taskeng.exe {6F6F2232-7C94-4E97-A49D-EB5E79ADA3EB}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lukas\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe /Application
C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan
C:\Windows\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw

=========Mozilla firefox=========

ProfilePath - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\5jvrnpxt.default

prefs.js - "browser.startup.homepage" - "https://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-16 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-16 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-16 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-16 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-04-08 9270216]
"AVGUI.exe"=D:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2018-05-15 291568]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-14 1841496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WTFast Tray"=C:\Program Files (x86)\WTFast\wtfast.exe [2018-05-22 7267904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-11-29 4701888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLLSuite2016]
C:\Program Files (x86)\DLL Suite\DLLSuite.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [2017-03-28 299520]
"Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [2016-11-15 831584]
"USB_Speed_Up"=C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe [2017-02-17 2394040]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2017-06-29 1015808]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2015-04-22 759120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-07-15 11:28:32 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-07-14 12:03:08 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2018-07-14 12:03:08 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2018-07-14 12:03:08 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2018-07-14 12:03:07 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvopencl.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvoglv64.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvoglshim64.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvinitx.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\NvIFR64.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\nvdispgenco6439836.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-07-14 12:03:06 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2018-07-14 12:03:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2018-07-14 12:03:06 ----A---- C:\Windows\system32\nvdispco6439836.dll
2018-07-14 12:03:06 ----A---- C:\Windows\system32\nvd3dumx.dll
2018-07-14 12:03:06 ----A---- C:\Windows\system32\nvcuvid.dll
2018-07-14 12:03:06 ----A---- C:\Windows\system32\nvcuda.dll
2018-07-14 12:03:06 ----A---- C:\Windows\system32\nvcompiler.dll
2018-07-14 12:03:05 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2018-07-14 12:03:05 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\invagent.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\generaltel.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\devinv.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-11 18:15:17 ----A---- C:\Windows\system32\centel.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\appraiser.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-11 18:15:17 ----A---- C:\Windows\system32\aepic.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\aeinv.dll
2018-07-11 18:15:17 ----A---- C:\Windows\system32\acmigration.dll
2018-07-11 18:14:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-07-11 18:14:55 ----A---- C:\Windows\system32\mshtml.dll
2018-07-11 18:14:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-07-11 18:14:54 ----A---- C:\Windows\system32\ieframe.dll
2018-07-11 18:14:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-07-11 18:14:53 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-11 18:14:53 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-11 18:14:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-07-11 18:14:53 ----A---- C:\Windows\system32\win32k.sys
2018-07-11 18:14:53 ----A---- C:\Windows\system32\urlmon.dll
2018-07-11 18:14:53 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-11 18:14:53 ----A---- C:\Windows\system32\shell32.dll
2018-07-11 18:14:53 ----A---- C:\Windows\system32\jscript9.dll
2018-07-11 18:14:53 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-11 18:14:53 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\wininet.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\vbscript.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-07-11 18:14:52 ----A---- C:\Windows\system32\ntdll.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 18:14:52 ----A---- C:\Windows\system32\msrating.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\inseng.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\iertutil.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\iedkcs32.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\hal.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\dxtmsft.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\netio.sys
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-07-11 18:14:52 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-11 18:14:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-11 18:14:52 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\certcli.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 18:14:52 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-07-11 18:14:51 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\wow64win.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\wow64cpu.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\wow64.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\winsrv.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\webcheck.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\wdigest.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\TSpkg.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\sspisrv.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\sspicli.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\srcore.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\srclient.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\smss.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\schannel.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\secur32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\rstrui.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\rpchttp.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\rpcss.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\rpcrt4.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ole32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\occache.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ntvdm64.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ncrypt.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\msv1_0.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\mshtmled.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\msfeeds.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\lsass.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\lsasrv.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\KernelBase.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\kernel32.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\kerberos.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\jsproxy.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\jscript9diag.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\jscript.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ieUnatt.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ieui.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\iesetup.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\iernonce.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ieapfltr.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\ie4uinit.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\dxtrans.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-07-11 18:14:51 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-11 18:14:51 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-07-11 18:14:51 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-07-11 18:14:51 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-07-11 18:14:51 ----A---- C:\Windows\system32\drivers\appid.sys
2018-07-11 18:14:51 ----A---- C:\Windows\system32\csrsrv.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\cryptbase.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\credssp.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\conhost.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\comcat.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\bcrypt.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\auditpol.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\appidsvc.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 18:14:51 ----A---- C:\Windows\system32\appidapi.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\apisetschema.dll
2018-07-11 18:14:51 ----A---- C:\Windows\system32\advapi32.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 18:14:50 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\user.exe
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-07-11 18:14:50 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\oleres.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\msobjs.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\msaudite.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-11 18:14:50 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-11 18:14:50 ----A---- C:\Windows\system32\adtschema.dll

======List of files/folders modified in the last 1 month======

2018-07-15 19:02:44 ----D---- C:\Program Files\trend micro
2018-07-15 19:02:18 ----D---- C:\Users\Lukas\AppData\Roaming\uTorrent
2018-07-15 18:54:13 ----D---- C:\Windows\Temp
2018-07-15 18:52:09 ----D---- C:\Users\Lukas\AppData\Roaming\vlc
2018-07-15 12:25:35 ----D---- C:\ProgramData\NVIDIA
2018-07-15 11:47:29 ----D---- C:\Windows\system32\config
2018-07-15 11:39:54 ----D---- C:\Windows\System32
2018-07-15 11:39:54 ----D---- C:\Windows\inf
2018-07-15 11:39:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-07-15 11:34:40 ----D---- C:\Windows\Prefetch
2018-07-15 11:34:14 ----D---- C:\Windows\Tasks
2018-07-15 11:34:04 ----D---- C:\Windows\system32\drivers
2018-07-15 11:34:04 ----D---- C:\Windows
2018-07-15 11:34:04 ----A---- C:\Windows\KMSEmulator.exe
2018-07-15 11:34:01 ----D---- C:\Windows\system32\Tasks
2018-07-15 11:28:28 ----HD---- C:\ProgramData
2018-07-15 11:28:17 ----D---- C:\ProgramData\Malwarebytes
2018-07-15 08:15:03 ----D---- C:\Users\Lukas\AppData\Roaming\IObit
2018-07-15 08:08:45 ----D---- C:\Windows\SysWOW64
2018-07-14 22:43:28 ----D---- C:\Windows\system32\catroot
2018-07-14 21:23:27 ----SHD---- C:\System Volume Information
2018-07-14 18:59:58 ----D---- C:\ProgramData\Package Cache
2018-07-14 18:52:13 ----D---- C:\Windows\system32\FxsTmp
2018-07-14 12:04:05 ----D---- C:\ProgramData\NVIDIA Corporation
2018-07-14 12:03:48 ----D---- C:\Windows\system32\unknown
2018-07-14 12:03:24 ----D---- C:\Windows\system32\DriverStore
2018-07-14 12:03:08 ----A---- C:\Windows\system32\nvwgf2umx.dll
2018-07-14 12:03:08 ----A---- C:\Windows\system32\nvumdshimx.dll
2018-07-14 12:03:07 ----A---- C:\Windows\system32\NvFBC64.dll
2018-07-14 12:03:06 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2018-07-14 12:03:05 ----A---- C:\Windows\system32\nvapi64.dll
2018-07-12 19:48:58 ----D---- C:\Windows\Microsoft.NET
2018-07-12 19:47:29 ----RSD---- C:\Windows\assembly
2018-07-12 19:45:56 ----SHD---- C:\Windows\Installer
2018-07-12 19:34:57 ----D---- C:\Windows\winsxs
2018-07-12 19:33:30 ----D---- C:\Windows\system32\appraiser
2018-07-12 19:33:29 ----D---- C:\Windows\SYSWOW64\en-US
2018-07-12 19:33:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-07-12 19:33:29 ----D---- C:\Program Files\Internet Explorer
2018-07-12 19:33:29 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-12 19:33:27 ----D---- C:\Windows\system32\en-US
2018-07-12 19:33:27 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-12 19:33:27 ----D---- C:\Windows\system32\cs-CZ
2018-07-12 19:33:26 ----RSD---- C:\Windows\Fonts
2018-07-12 19:33:26 ----D---- C:\Windows\system32\Boot
2018-07-12 19:33:26 ----D---- C:\Windows\AppPatch
2018-07-11 21:27:13 ----D---- C:\ProgramData\Microsoft Help
2018-07-11 21:27:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2018-07-11 21:26:36 ----D---- C:\Windows\system32\catroot2
2018-07-11 21:24:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-07-11 21:22:49 ----D---- C:\Windows\system32\MRT
2018-07-11 21:21:31 ----AC---- C:\Windows\system32\MRT.exe
2018-07-01 20:47:47 ----D---- C:\Windows\system32\wdi
2018-06-24 17:39:33 ----A---- C:\Windows\NvContainerRecovery.bat
2018-06-24 17:31:49 ----A---- C:\Windows\system32\nvsvc64.dll
2018-06-24 17:31:49 ----A---- C:\Windows\system32\nvcpl.dll
2018-06-24 17:31:47 ----A---- C:\Windows\system32\nvsvcr.dll
2018-06-24 17:31:47 ----A---- C:\Windows\system32\nvshext.dll
2018-06-24 17:31:47 ----A---- C:\Windows\system32\nvmctray.dll
2018-06-24 17:31:47 ----A---- C:\Windows\system32\nv3dappshextr.dll
2018-06-24 17:31:47 ----A---- C:\Windows\system32\nv3dappshext.dll
2018-06-17 08:17:40 ----RD---- C:\Program Files (x86)
2018-06-16 21:40:57 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [2018-05-15 192536]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgbloga.sys [2018-05-15 336848]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [2018-05-15 50776]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2018-05-15 78352]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2018-05-15 373944]
R0 iaStorA;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\Windows\system32\DRIVERS\iaStorA.sys [2018-05-15 906720]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2018-05-15 40928]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avgArPot;avgArPot; C:\Windows\system32\drivers\avgArPot.sys [2018-05-15 189032]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [2018-05-15 220600]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [2018-05-15 103744]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2018-05-15 1020112]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2018-05-15 452904]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-03-12 27552]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2011-09-14 32360]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2018-05-15 151504]
R2 avgStm;avgStm; C:\Windows\system32\drivers\avgStm.sys [2018-05-15 198368]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2016-08-24 37064]
R2 RAMDriv;MSI RAMDrive; C:\Windows\system32\DRIVERS\ramdriv.sys [2016-03-10 86936]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-12-17 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-12-17 47672]
R3 iaLPSS2_GPIO2;Intel(R) Serial IO GPIO Driver v2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [2017-10-16 91944]
R3 iaLPSS2_I2C;Intel(R) Serial IO I2C Driver v2; C:\Windows\system32\DRIVERS\iaLPSS2_I2C.sys [2017-10-16 166184]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2017-10-16 38480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-04-08 6145480]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2017-04-11 410128]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2018-02-04 816640]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-07-15 253664]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2018-05-15 214064]
R3 NTIOLib_ACTIVE_X;NTIOLib_ACTIVE_X; \??\C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [2016-04-12 13776]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2017-03-29 14288]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2012-11-26 13368]
R3 NTIOLib_OCKit_MB;NTIOLib_OCKit_MB; \??\C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys [2016-09-08 13776]
R3 NTIOLib_SuperCharger;NTIOLib_SuperCharger; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2017-03-15 14288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-06-07 227928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-06-07 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2018-06-10 1059776]
R3 sssmbus;SteelSeries SMBus Service; C:\Windows\system32\DRIVERS\sssmbus.sys [2018-03-12 32520]
S2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys []
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 31920]
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2018-05-15 39352]
S3 cpuz143;cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-03-12 131984]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2016-12-16 87696]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2017-06-16 23184]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161217.001\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\SDSDefs\20161217.001\EX64.SYS []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 159936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 AVG Antivirus;AVG Antivirus; D:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2018-05-15 318328]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-02-19 196200]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2017-02-19 419616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2017-02-17 58296]
R2 MSI_Driver_Service;MSI_Driver_Service; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe [2016-10-12 54880]
R2 MSI_FastBoot;MSI Fast Boot Service; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2017-04-05 111568]
R2 MSI_RAMDisk_Service;MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [2017-06-30 70608]
R2 MSI_SuperCharger;MSI Super Charger Service; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2017-04-28 174032]
R2 MSICTL_CC;MSI Command Center control Service; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2016-11-15 2014816]
R2 MSIDDR_CC;MSI Command Center DDR Service; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2016-12-05 2327648]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-24 767272]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
R2 SbaService;Intel(R) Small Business Advantage Service; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [2015-10-14 26296]
R3 avgbIDSAgent;avgbIDSAgent; D:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2018-05-15 7670672]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-16 107848]
S2 ICEsoundService;ICEsound Service; C:\Windows\system32\ICEsoundService64.exe [2018-04-08 483808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-11-29 1471168]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-16 107848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-12-16 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-12-05 630048]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29 177288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MSIClock_CC;MSI Command Center Clock Service; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2016-11-23 2169440]
S3 MSICOMM_CC;MSI Command Center Comm Service; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2017-01-06 2206304]
S3 MSICPU_CC;MSI Command Center CPU Service; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2016-12-14 4172896]
S3 MSISMB_CC;MSI Command Center SMBus Service; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2016-12-05 2076768]
S3 MSISuperIO_CC;MSI Command Center SuperIO Service; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2016-12-23 611936]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 187072]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-12-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118196
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC - Motji

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Windows\tasks\AutoKMS.job
C:\Windows\AutoKMS

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off your antivirus, and after it restart the PC. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
