Prosim o kontrolu logu z RSIT

[Yurda]

Dobry den, prosim o kontrolu bezim dlouho bez antiviru + firewallu. Obcas si vsimam zvlastni aktivity site v idle stavu pc...

Dekuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Yurda at 2018-02-25 18:11:01
Microsoft Windows 10 Home
System drive C: has 18 GB (8%) free of 238 GB
Total RAM: 16270 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:01, on 25.2.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\Yurda\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Yurda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Yurda\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Programy\steam.exe" -silent
O4 - HKCU\..\Run: [Spotify] C:\Users\Yurda\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Yurda\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7290 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
winlogon.exe
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservice -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService

c:\windows\system32\svchost.exe -k netsvcs -s Browser

c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"

c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\Yurda\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
dashost.exe {5022b6ce-aa26-418e-a5dc30a76c58c519}
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\AUDIODG.EXE 0x5a8
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe20_ Global\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wisvc
"C:\Users\Yurda\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-04-01 1882168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Yurda\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-31 1554080]
"Steam"=C:\Programy\steam.exe [2017-12-15 3111712]
"Spotify"=C:\Users\Yurda\AppData\Roaming\Spotify\Spotify.exe [2018-02-03 21091728]
"Spotify Web Helper"=C:\Users\Yurda\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-02-03 780688]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-25 18:08:21 ----D---- C:\rsit
2018-02-25 18:08:21 ----D---- C:\Program Files\trend micro
2018-02-24 21:03:27 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-02-24 21:03:27 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2018-02-24 21:03:27 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-02-24 21:03:27 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2018-02-24 21:03:27 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-24 21:03:21 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-24 21:03:20 ----D---- C:\Program Files (x86)\VulkanRT
2018-02-24 21:03:20 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2018-02-24 21:03:20 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2018-02-24 21:03:20 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2018-02-24 21:03:20 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2018-02-24 21:03:09 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-02-24 21:02:59 ----D---- C:\WINDOWS\LastGood.Tmp
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvdispgenco6438165.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvdispco6438165.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2018-02-24 21:02:13 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2018-02-24 21:00:56 ----D---- C:\NVIDIA
2018-02-24 20:30:22 ----AD---- C:\Program Files\rempl
2018-02-24 20:30:18 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wups.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wudriver.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\usocore.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-02-24 20:30:18 ----A---- C:\WINDOWS\system32\domgmt.dll
2018-02-24 20:30:17 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-02-03 20:42:00 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2018-02-03 20:42:00 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2018-02-03 20:42:00 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2018-02-03 20:42:00 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2018-02-03 20:42:00 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2018-02-03 20:42:00 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2018-02-03 20:41:59 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2018-02-03 20:41:58 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2018-02-03 20:41:58 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2018-02-03 20:41:58 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2018-02-03 20:41:58 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2018-02-03 20:41:58 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2018-02-03 20:41:58 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2018-02-03 20:41:57 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_5.dll
2018-02-03 20:41:57 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2018-02-03 20:41:57 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2018-02-03 20:41:57 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2018-02-03 20:41:57 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2018-02-03 20:41:57 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2018-02-03 20:41:56 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_5.dll
2018-02-03 20:41:56 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_42.dll
2018-02-03 20:41:56 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2018-02-03 20:41:56 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2018-02-03 20:41:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_42.dll
2018-02-03 20:41:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2018-02-03 20:41:55 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_42.dll
2018-02-03 20:41:55 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2018-02-03 20:41:55 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2018-02-03 20:41:55 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2018-02-03 20:41:54 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_42.dll
2018-02-03 20:41:54 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_41.dll
2018-02-03 20:41:54 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_41.dll
2018-02-03 20:41:54 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2018-02-03 20:41:54 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2018-02-03 20:41:54 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_4.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_3.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_4.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_41.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2018-02-03 20:41:53 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2018-02-03 20:41:52 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_6.dll
2018-02-03 20:41:52 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_40.dll
2018-02-03 20:41:52 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_40.dll
2018-02-03 20:41:52 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2018-02-03 20:41:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2018-02-03 20:41:52 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2018-02-03 20:41:51 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_3.dll
2018-02-03 20:41:51 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_2.dll
2018-02-03 20:41:51 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_40.dll
2018-02-03 20:41:51 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2018-02-03 20:41:51 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2018-02-03 20:41:51 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_2.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_1.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_3.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_5.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2018-02-03 20:41:50 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2018-02-03 20:41:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_2.dll
2018-02-03 20:41:49 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_39.dll
2018-02-03 20:41:49 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_39.dll
2018-02-03 20:41:49 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2018-02-03 20:41:49 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2018-02-03 20:41:49 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_1.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_0.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_1.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_39.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2018-02-03 20:41:48 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2018-02-03 20:41:47 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_4.dll
2018-02-03 20:41:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_38.dll
2018-02-03 20:41:47 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_38.dll
2018-02-03 20:41:47 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2018-02-03 20:41:47 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2018-02-03 20:41:47 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2018-02-03 20:41:46 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_0.dll
2018-02-03 20:41:46 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_38.dll
2018-02-03 20:41:46 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2018-02-03 20:41:46 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_0.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_3.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_37.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_37.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2018-02-03 20:41:45 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2018-02-03 20:41:44 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_10.dll
2018-02-03 20:41:44 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_37.dll
2018-02-03 20:41:44 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2018-02-03 20:41:44 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2018-02-03 20:41:43 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_36.dll
2018-02-03 20:41:43 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_36.dll
2018-02-03 20:41:43 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2018-02-03 20:41:43 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2018-02-03 20:41:42 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_9.dll
2018-02-03 20:41:42 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_36.dll
2018-02-03 20:41:42 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2018-02-03 20:41:42 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2018-02-03 20:41:41 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_35.dll
2018-02-03 20:41:41 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_35.dll
2018-02-03 20:41:41 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_35.dll
2018-02-03 20:41:41 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2018-02-03 20:41:41 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2018-02-03 20:41:41 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_8.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_2.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_34.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_34.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2018-02-03 20:41:40 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2018-02-03 20:41:39 ----A---- C:\WINDOWS\SYSWOW64\xinput1_3.dll
2018-02-03 20:41:39 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_7.dll
2018-02-03 20:41:39 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_34.dll
2018-02-03 20:41:39 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2018-02-03 20:41:39 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2018-02-03 20:41:39 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2018-02-03 20:41:38 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_33.dll
2018-02-03 20:41:38 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_33.dll
2018-02-03 20:41:38 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_33.dll
2018-02-03 20:41:38 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2018-02-03 20:41:38 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2018-02-03 20:41:38 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2018-02-03 20:41:37 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_6.dll
2018-02-03 20:41:37 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_5.dll
2018-02-03 20:41:37 ----A---- C:\WINDOWS\SYSWOW64\d3dx10.dll
2018-02-03 20:41:37 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2018-02-03 20:41:37 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2018-02-03 20:41:37 ----A---- C:\WINDOWS\system32\d3dx10.dll
2018-02-03 20:41:36 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_4.dll
2018-02-03 20:41:36 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_1.dll
2018-02-03 20:41:36 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2018-02-03 20:41:36 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2018-02-03 20:41:36 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2018-02-03 20:41:36 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2018-02-03 20:41:35 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_3.dll
2018-02-03 20:41:35 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_31.dll
2018-02-03 20:41:35 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2018-02-03 20:41:35 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2018-02-03 20:41:34 ----A---- C:\WINDOWS\SYSWOW64\xinput1_2.dll
2018-02-03 20:41:34 ----A---- C:\WINDOWS\SYSWOW64\xinput1_1.dll
2018-02-03 20:41:34 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_2.dll
2018-02-03 20:41:34 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2018-02-03 20:41:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2018-02-03 20:41:34 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2018-02-03 20:41:33 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_1.dll
2018-02-03 20:41:33 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2018-02-03 20:41:30 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_0.dll
2018-02-03 20:41:30 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_0.dll
2018-02-03 20:41:30 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_30.dll
2018-02-03 20:41:30 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2018-02-03 20:41:30 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2018-02-03 20:41:30 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2018-02-03 20:41:29 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_29.dll
2018-02-03 20:41:29 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_28.dll
2018-02-03 20:41:29 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2018-02-03 20:41:29 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2018-02-03 20:41:28 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_27.dll
2018-02-03 20:41:28 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_26.dll
2018-02-03 20:41:28 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2018-02-03 20:41:28 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2018-02-03 20:41:27 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_25.dll
2018-02-03 20:41:27 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_24.dll
2018-02-03 20:41:27 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2018-02-03 20:41:27 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2018-01-28 18:39:41 ----D---- C:\Games

======List of files/folders modified in the last 1 month======

2018-02-25 18:10:03 ----D---- C:\Programy
2018-02-25 18:09:50 ----D---- C:\WINDOWS\Prefetch
2018-02-25 18:08:21 ----RD---- C:\Program Files
2018-02-25 17:40:55 ----D---- C:\WINDOWS\Temp
2018-02-25 17:34:00 ----D---- C:\WINDOWS\system32\sru
2018-02-25 16:33:24 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-25 14:06:14 ----D---- C:\WINDOWS\System32
2018-02-25 14:06:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-25 12:25:25 ----D---- C:\ProgramData\NVIDIA
2018-02-25 10:50:40 ----SHD---- C:\System Volume Information
2018-02-25 10:36:14 ----D---- C:\WINDOWS\system32\config
2018-02-25 10:34:04 ----D---- C:\WINDOWS\WinSxS
2018-02-25 10:34:03 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-25 10:33:48 ----D---- C:\WINDOWS\rescache
2018-02-25 08:43:53 ----D---- C:\Users\Yurda\AppData\Roaming\Spotify
2018-02-25 08:43:41 ----D---- C:\ProgramData\ASUS Smart Gesture
2018-02-25 08:43:37 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-25 08:43:32 ----D---- C:\WINDOWS\SysWOW64
2018-02-25 08:43:21 ----D---- C:\Windows
2018-02-24 21:04:35 ----D---- C:\ProgramData\NVIDIA Corporation
2018-02-24 21:03:27 ----D---- C:\WINDOWS\system32\Tasks
2018-02-24 21:03:27 ----D---- C:\Program Files\NVIDIA Corporation
2018-02-24 21:03:26 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-24 21:03:26 ----D---- C:\WINDOWS\system32\drivers
2018-02-24 21:03:26 ----D---- C:\WINDOWS\INF
2018-02-24 21:03:26 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-02-24 21:03:20 ----RD---- C:\Program Files (x86)
2018-02-24 21:02:55 ----D---- C:\WINDOWS\system32\catroot2
2018-02-24 20:57:35 ----D---- C:\WINDOWS\system32\wbem
2018-02-24 20:57:35 ----D---- C:\WINDOWS\system32\cs-CZ
2018-02-24 20:30:22 ----SHD---- C:\WINDOWS\Installer
2018-02-24 20:30:22 ----D---- C:\WINDOWS\CbsTemp
2018-02-24 20:30:09 ----D---- C:\WINDOWS\SoftwareDistribution
2018-02-07 10:52:22 ----D---- C:\WINDOWS\hsperfdata_Yurda
2018-02-07 00:34:48 ----D---- C:\Users\Yurda\AppData\Roaming\TS3Client
2018-02-03 20:41:33 ----RSD---- C:\WINDOWS\assembly
2018-02-03 19:44:02 ----D---- C:\filmy
2018-01-31 12:02:31 ----D---- C:\android-studio
2018-01-30 16:14:26 ----D---- C:\Users\Yurda\AppData\Roaming\brave
2018-01-27 01:02:51 ----D---- C:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-04-03 48696]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsl94c9a2ca;MpKsl94c9a2ca; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{797A8D12-467C-4872-93A5-551CA56332CC}\MpKsl94c9a2ca.sys [2018-02-25 58120]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 IntelHaxm;Intel HAXM Service; C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys [2017-08-21 126584]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 AMPPAL;@oem3.inf,%AMPPAL.SVCDESC%;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\WINDOWS\System32\drivers\AMPPAL.sys [2013-04-11 164832]
R3 AsusTP;@oem27.inf,%PS2.DeviceDesc%;ASUS Input Touchpad Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2017-03-09 128024]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 HIDSwitch;@oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsRadioControl.sys [2016-12-19 31120]
R3 ibtfltcoex;@oem9.inf,%PROVIDER_NAME%;Intel Corporation; C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys [2015-07-01 79632]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-30 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-11-10 4585744]
R3 MEIx64;@oem2.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2017-03-18 3343872]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_d5fc647520664d82\nvlddmkm.sys [2017-04-03 14841784]
R3 nvvad_WaveExtensible;@oem32.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-04-01 66608]
R3 nvvhci;@oem34.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-04-01 76840]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-03-18 604160]
R3 RTSPER;@oem17.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-07-08 759552]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 AMPPALP;@oem0.inf,%AMPPALP_Desc%;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\WINDOWS\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-07-28 105472]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-07-28 97280]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-05 130560]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-07-28 982016]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-04-01 29240]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 qcusbnet;@oem25.inf,%qcwwan.Service.DispName%;Qualcomm USB-NDIS miniport; C:\WINDOWS\System32\drivers\qcusbnet.sys [2017-03-15 428600]
S3 qcusbser;@oem23.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2017-03-15 254520]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-01 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2017-09-05 104960]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2017-03-18 179200]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-07-28 51712]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2017-03-18 45568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_2f9c9;Uživatelská služba platformy připojených zařízení_2f9c9; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-30 373728]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-01 464440]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-04-01 462784]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-04-01 427064]
R2 OneSyncSvc_2f9c9;Hostitel synchronizace_2f9c9; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-07 336320]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_2f9c9;Data kontaktů_2f9c9; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-21 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_2f9c9;Tok zařízení_2f9c9; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-21 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_2f9c9;Služba zasílání zpráv_2f9c9; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-01 464440]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Yurda]

# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 25 18:28:25 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-106782938-1310742307-1729983138-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1223 B] - [2018/2/25 18:27:50]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

[Rudy]

OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

[Yurda]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.02.2018
Ran by Yurda (administrator) on YURDA-MAC (25-02-2018 21:04:13)
Running from C:\Users\Yurda\Desktop
Loaded Profiles: Yurda (Available Profiles: Yurda)
Platform: Windows 10 Home Version 1703 15063.608 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) C:\Programy\Steam.exe
(Valve Corporation) C:\Programy\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Programy\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Yurda\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Programy\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Yurda\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\Run: [Steam] => C:\Programy\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\Run: [Spotify] => C:\Users\Yurda\AppData\Roaming\Spotify\Spotify.exe [21091728 2018-02-03] (Spotify Ltd)
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\Run: [Spotify Web Helper] => C:\Users\Yurda\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-03] (Spotify Ltd)
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\MountPoints2: {1485b9a4-5f6e-11e7-9884-bcee7b012240} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\MountPoints2: {1485ba57-5f6e-11e7-9884-bcee7b012240} - "E:\HTC_Sync_Manager_PC.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{1f806e00-dbdb-4886-88a3-00ec7084f245}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default [2018-02-25]
CHR Extension: (Prezentace) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-28]
CHR Extension: (Dokumenty) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-28]
CHR Extension: (Disk Google) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-21]
CHR Extension: (YouTube) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-21]
CHR Extension: (Block site) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2017-12-03]
CHR Extension: (Tabulky) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-21]
CHR Extension: (AdBlock) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-24]
CHR Extension: (Backspace to go Back) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlffgllnjjkheddehpolbanogdeaogbc [2018-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-21]
CHR Extension: (Chrome Media Router) - C:\Users\Yurda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31120 2016-12-19] (ASUS)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_d5fc647520664d82\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-04-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-07-08] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 dmwappushsvc; no ImagePath
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-25 21:04 - 2018-02-25 21:04 - 000012058 _____ C:\Users\Yurda\Desktop\FRST.txt
2018-02-25 21:03 - 2018-02-25 21:04 - 000000000 ____D C:\FRST
2018-02-25 21:01 - 2018-02-25 21:01 - 166024000 _____ (Brave Software) C:\Users\Yurda\Downloads\BraveSetup-x64 (1).exe
2018-02-25 20:57 - 2018-02-25 21:02 - 000112640 _____ (forum.viry.cz) C:\Users\Yurda\Desktop\FRSTLauncher.exe
2018-02-25 20:57 - 2018-02-25 20:57 - 002403328 _____ (Farbar) C:\Users\Yurda\Desktop\FRST64.exe
2018-02-25 19:26 - 2018-02-25 19:27 - 000000000 ____D C:\AdwCleaner
2018-02-25 19:26 - 2018-02-25 19:26 - 008222496 _____ (Malwarebytes) C:\Users\Yurda\Desktop\adwcleaner_7.0.8.0.exe
2018-02-25 18:08 - 2018-02-25 18:11 - 000000000 ____D C:\Program Files\trend micro
2018-02-25 18:08 - 2018-02-25 18:08 - 001222144 _____ C:\Users\Yurda\Downloads\RSITx64.exe
2018-02-25 18:08 - 2018-02-25 18:08 - 000000000 ____D C:\rsit
2018-02-24 21:03 - 2018-02-25 08:45 - 000000000 ____D C:\Users\Yurda\AppData\Local\NVIDIA Corporation
2018-02-24 21:03 - 2018-02-24 21:03 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-24 21:03 - 2018-02-24 21:03 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-02-24 21:03 - 2018-02-24 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-24 21:03 - 2018-02-24 21:03 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-24 21:03 - 2017-04-01 04:27 - 001882168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-02-24 21:03 - 2017-04-01 04:27 - 001756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2018-02-24 21:03 - 2017-04-01 04:27 - 001470520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-02-24 21:03 - 2017-04-01 04:27 - 001318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2018-02-24 21:03 - 2017-04-01 04:27 - 000121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-24 21:03 - 2017-04-01 04:27 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-24 21:03 - 2017-04-01 04:27 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-02-24 21:03 - 2017-03-10 22:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-02-24 21:03 - 2017-03-10 22:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-02-24 21:03 - 2017-03-10 22:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-02-24 21:03 - 2017-03-10 22:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-02-24 21:02 - 2018-02-24 21:03 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-02-24 21:02 - 2017-04-03 15:49 - 000048696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2018-02-24 21:02 - 2017-04-01 04:27 - 040201152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 035354048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 035280320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 028592184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 011111392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 011056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 010635192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 009316648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 009014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 008876272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 004085712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 003790904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 003246016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 001988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 001591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 001055800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000995920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000990144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000960448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000911296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000577544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-02-24 21:02 - 2017-04-01 04:27 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2018-02-24 21:02 - 2017-04-01 04:27 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2018-02-24 21:02 - 2017-04-01 01:41 - 000172592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-02-24 21:02 - 2017-04-01 01:41 - 000146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-02-24 21:02 - 2017-04-01 01:41 - 000076840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-24 21:02 - 2017-04-01 01:41 - 000066608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-02-24 21:00 - 2018-02-24 21:00 - 000000000 ____D C:\NVIDIA
2018-02-24 20:59 - 2018-02-24 21:00 - 435407592 _____ (NVIDIA Corporation) C:\Users\Yurda\Downloads\381.65-notebook-win10-64bit-international-whql.exe
2018-02-24 20:30 - 2018-02-24 20:40 - 000000000 ____D C:\Program Files\rempl
2018-02-24 20:30 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-02-24 20:30 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-24 20:30 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-24 20:30 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-24 20:30 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-24 20:30 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-02-24 20:30 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-24 20:30 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-24 20:30 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-02-24 20:30 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-24 20:30 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2018-02-24 20:30 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-02-24 20:30 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2018-02-24 20:30 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-02-24 20:30 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2018-02-24 20:30 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-02-24 20:30 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-24 20:30 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-24 20:30 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-02-24 20:30 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-24 20:30 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-24 20:30 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-02-24 20:30 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-02-03 20:42 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2018-02-03 20:42 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2018-02-03 20:42 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2018-02-03 20:42 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2018-02-03 20:42 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2018-02-03 20:42 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2018-02-03 20:41 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2018-02-03 20:41 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2018-02-03 20:41 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2018-02-03 20:41 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2018-02-03 20:41 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2018-02-03 20:41 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2018-02-03 20:41 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2018-02-03 20:41 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2018-02-03 20:41 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2018-02-03 20:41 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2018-02-03 20:41 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2018-02-03 20:41 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2018-02-03 20:41 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2018-02-03 20:41 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2018-02-03 20:41 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2018-02-03 20:41 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2018-02-03 20:41 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2018-02-03 20:41 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2018-02-03 20:41 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2018-02-03 20:41 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2018-02-03 20:41 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2018-02-03 20:41 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2018-02-03 20:41 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2018-02-03 20:41 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2018-02-03 20:41 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2018-02-03 20:41 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2018-02-03 20:41 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2018-02-03 20:41 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2018-02-03 20:41 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2018-02-03 20:41 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2018-02-03 20:41 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2018-02-03 20:41 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2018-02-03 20:41 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2018-02-03 20:41 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2018-02-03 20:41 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2018-02-03 20:41 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2018-02-03 20:41 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2018-02-03 20:41 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2018-02-03 20:41 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2018-02-03 20:41 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2018-02-03 20:41 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2018-02-03 20:41 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2018-02-03 20:41 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2018-02-03 20:41 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2018-02-03 20:41 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2018-02-03 20:41 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2018-02-03 20:41 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2018-02-03 20:41 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2018-02-03 20:41 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2018-02-03 20:41 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2018-02-03 20:41 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2018-02-03 20:41 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2018-02-03 20:41 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2018-02-03 20:41 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2018-02-03 20:41 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2018-02-03 20:41 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2018-02-03 20:41 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2018-02-03 20:41 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2018-02-03 20:41 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2018-02-03 20:41 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2018-02-03 20:41 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2018-02-03 20:41 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2018-02-03 20:41 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2018-02-03 20:41 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2018-02-03 20:41 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2018-02-03 20:41 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2018-02-03 20:41 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2018-02-03 20:41 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2018-02-03 20:41 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2018-02-03 20:41 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2018-02-03 20:41 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2018-02-03 20:41 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2018-02-03 20:41 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2018-02-03 20:41 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2018-02-03 20:41 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2018-02-03 20:41 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2018-02-03 20:41 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2018-02-03 20:41 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2018-02-03 20:41 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2018-02-03 20:41 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2018-02-03 20:41 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2018-02-03 20:41 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2018-02-03 20:41 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2018-02-03 20:41 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2018-02-03 20:41 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2018-02-03 20:41 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2018-02-03 20:41 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2018-02-03 20:41 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2018-02-03 20:41 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2018-02-03 20:41 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2018-02-03 20:41 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2018-02-03 20:41 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2018-02-03 20:41 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2018-02-03 20:41 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2018-02-03 20:41 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2018-02-03 20:41 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2018-02-03 20:41 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2018-02-03 20:41 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2018-02-03 20:41 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2018-02-03 20:41 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2018-02-03 20:41 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2018-02-03 20:41 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2018-02-03 20:41 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2018-02-03 20:41 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2018-02-03 20:41 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2018-02-03 20:41 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2018-02-03 20:41 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2018-02-03 20:41 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2018-02-03 20:41 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2018-02-03 20:41 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2018-02-03 20:41 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2018-02-03 20:41 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2018-02-03 20:41 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2018-02-03 20:41 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2018-02-03 20:41 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2018-02-03 20:41 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2018-02-03 20:41 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2018-02-03 20:41 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2018-02-03 20:41 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2018-02-03 20:41 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2018-02-03 20:41 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2018-02-03 20:41 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2018-02-03 20:41 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2018-02-03 20:41 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2018-02-03 20:41 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2018-02-03 20:41 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2018-02-03 20:41 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2018-02-03 20:41 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2018-02-03 20:41 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2018-02-03 20:41 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2018-02-03 20:41 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2018-02-03 20:41 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2018-02-03 20:41 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2018-02-03 20:41 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2018-02-03 20:41 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2018-02-03 20:41 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2018-02-03 20:41 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2018-02-03 20:41 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2018-02-03 20:41 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2018-02-03 20:41 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2018-02-03 20:41 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2018-02-03 20:41 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2018-02-03 20:41 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2018-02-03 20:41 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2018-02-03 19:44 - 2018-02-03 19:44 - 000000202 _____ C:\Users\Yurda\Desktop\Counter-Strike Global Offensive.url
2018-02-03 19:44 - 2018-02-03 19:44 - 000000000 ____D C:\Users\Yurda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-02 19:08 - 2018-02-02 19:08 - 000000000 ____D C:\Users\Yurda\Desktop\jar
2018-02-02 19:07 - 2018-02-02 19:07 - 000131014 _____ C:\Users\Yurda\Downloads\letter.pdf
2018-01-30 10:54 - 2018-01-30 11:20 - 041658472 _____ C:\Users\Yurda\Downloads\Hands-On Machine Learning With - Aurelien Geron_1620.pdf
2018-01-29 09:27 - 2018-01-29 09:27 - 000070515 _____ C:\Users\Yurda\Downloads\faktura_20180001.pdf
2018-01-28 18:40 - 2018-01-28 18:40 - 000000843 _____ C:\Users\Yurda\Desktop\Tiberian Sun CnCNet.lnk
2018-01-28 18:39 - 2018-01-28 18:39 - 027439883 _____ (cncnet.org ) C:\Users\Yurda\Downloads\TiberianSun_Online_Installer.exe
2018-01-28 18:39 - 2018-01-28 18:39 - 000000000 ____D C:\Games
2018-01-27 01:02 - 2018-01-27 01:02 - 000685676 _____ C:\WINDOWS\Minidump\012718-52500-01.dmp
2018-01-26 16:36 - 2018-01-26 16:36 - 000000124 _____ C:\Users\Yurda\Downloads\user-data.csv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-25 21:00 - 2017-09-26 13:10 - 000000000 ____D C:\Users\Yurda\AppData\Roaming\brave
2018-02-25 19:34 - 2017-06-21 23:13 - 002731406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-25 19:34 - 2017-03-20 05:43 - 009053760 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-25 19:34 - 2017-03-20 05:43 - 002625140 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-25 19:33 - 2017-07-18 16:04 - 000000000 ____D C:\Users\Yurda\AppData\Local\Spotify
2018-02-25 19:33 - 2017-06-21 23:43 - 000000000 ____D C:\Programy
2018-02-25 19:33 - 2017-06-21 23:10 - 000000000 ____D C:\Users\Yurda
2018-02-25 19:30 - 2017-06-21 23:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-25 19:29 - 2017-07-18 16:03 - 000000000 ____D C:\Users\Yurda\AppData\Roaming\Spotify
2018-02-25 19:28 - 2017-07-26 08:46 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-02-25 19:28 - 2017-06-21 23:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-25 19:28 - 2017-06-21 23:30 - 000000000 __SHD C:\Users\Yurda\IntelGraphicsProfiles
2018-02-25 19:28 - 2017-06-21 23:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-25 19:28 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-25 19:25 - 2017-06-21 23:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-25 18:05 - 2017-06-22 01:05 - 000033528 _____ C:\Users\Yurda\Desktop\hova.txt
2018-02-25 10:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2018-02-24 21:04 - 2017-06-21 23:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-24 21:03 - 2017-06-21 23:27 - 000000000 ____D C:\Users\Yurda\AppData\Local\NVIDIA
2018-02-24 21:03 - 2017-06-21 23:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-24 21:03 - 2017-06-21 23:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-24 21:03 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-24 20:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-24 20:29 - 2017-06-21 22:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-24 20:29 - 2017-06-21 22:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-07 11:19 - 2017-06-22 00:33 - 000000000 ____D C:\Users\Yurda\.android
2018-02-07 10:52 - 2017-07-28 10:50 - 000000000 ____D C:\WINDOWS\hsperfdata_Yurda
2018-02-07 00:34 - 2017-06-25 18:04 - 000000000 ____D C:\Users\Yurda\AppData\Roaming\TS3Client
2018-02-03 19:44 - 2017-10-03 20:32 - 000000000 ____D C:\filmy
2018-01-31 23:30 - 2017-07-25 10:44 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-106782938-1310742307-1729983138-1000
2018-01-31 23:30 - 2017-06-21 23:16 - 000002387 _____ C:\Users\Yurda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-31 23:30 - 2017-06-21 23:16 - 000000000 ___RD C:\Users\Yurda\OneDrive
2018-01-31 12:02 - 2017-11-06 10:08 - 000000000 ____D C:\android-studio
2018-01-29 10:26 - 2018-01-21 14:10 - 000001413 _____ C:\Users\Yurda\Desktop\python.txt
2018-01-29 10:05 - 2017-07-31 21:20 - 000000000 ____D C:\Users\Yurda\Desktop\faktury
2018-01-27 01:02 - 2017-06-24 21:19 - 784110517 _____ C:\WINDOWS\MEMORY.DMP
2018-01-27 01:02 - 2017-06-24 21:19 - 000000000 ____D C:\WINDOWS\Minidump

==================== Files in the root of some directories =======

2017-11-21 23:26 - 2018-01-14 19:27 - 000007643 _____ () C:\Users\Yurda\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-02-05 14:19 - 2018-02-05 14:19 - 000951296 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.16.1-fb332697-975a-4228-a96e-99a0f2ff333c-sqlitejdbc.dll
2017-08-21 15:05 - 2017-08-21 15:05 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-00478084-c35b-4fba-acfb-9a8aece098f6-sqlitejdbc.dll
2017-08-15 14:22 - 2017-08-15 14:22 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-0ddf40ce-c1b5-4e92-aca7-5e05ee62e37e-sqlitejdbc.dll
2017-07-10 14:31 - 2017-07-10 14:31 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-40a5ca2d-af6e-4777-a865-e9b9122ebb82-sqlitejdbc.dll
2017-12-20 16:28 - 2017-12-20 16:28 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-57e33d78-0d98-42af-9ebf-970fccc6eb2b-sqlitejdbc.dll
2017-10-29 00:33 - 2017-10-29 00:33 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-69c33266-79f4-475d-a22f-854fc206ca1f-sqlitejdbc.dll
2017-08-03 12:54 - 2017-08-03 12:54 - 000737280 _____ () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-9d34dec4-40b6-41fa-ab06-7310d43efc59-sqlitejdbc.dll
2017-10-03 00:01 - 2017-10-03 00:01 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-b8ae2154-fe72-45c4-bc12-75377c80288f-sqlitejdbc.dll
2017-11-11 00:13 - 2017-11-11 00:13 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-ce3516b7-7ad5-4843-a1a4-0ddf9bb1e22a-sqlitejdbc.dll
2017-07-17 15:24 - 2017-07-17 15:24 - 000737280 ____N () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-d267537c-d7ba-4a8d-996d-e67796068a6a-sqlitejdbc.dll
2017-09-20 08:47 - 2017-09-20 08:47 - 000737280 _____ () C:\Users\Yurda\AppData\Local\Temp\sqlite-3.8.11.2-dd6d0b07-11f3-4146-b510-bce541a584b9-sqlitejdbc.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Yurda\Desktop" je 302 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\MountPoints2: {1485b9a4-5f6e-11e7-9884-bcee7b012240} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\MountPoints2: {1485ba57-5f6e-11e7-9884-bcee7b012240} - "E:\HTC_Sync_Manager_PC.exe"
U3 dmwappushsvc; no ImagePath
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Yurda\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Yurda]

log se neobjevil, ale predpokladam, ze by se zobrazil Fixlog tak ho postuji.

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
Ran by Yurda (25-02-2018 22:27:40) Run:1
Running from C:\Users\Yurda\Desktop
Loaded Profiles: Yurda (Available Profiles: Yurda)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\MountPoints2: {1485b9a4-5f6e-11e7-9884-bcee7b012240} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-106782938-1310742307-1729983138-1000\...\MountPoints2: {1485ba57-5f6e-11e7-9884-bcee7b012240} - "E:\HTC_Sync_Manager_PC.exe"
U3 dmwappushsvc; no ImagePath
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Yurda\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key could not remove, key could be protected
"HKU\S-1-5-21-106782938-1310742307-1729983138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1485b9a4-5f6e-11e7-9884-bcee7b012240}" => removed successfully
HKLM\Software\Classes\CLSID\{1485b9a4-5f6e-11e7-9884-bcee7b012240} => key not found
"HKU\S-1-5-21-106782938-1310742307-1729983138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1485ba57-5f6e-11e7-9884-bcee7b012240}" => removed successfully
HKLM\Software\Classes\CLSID\{1485ba57-5f6e-11e7-9884-bcee7b012240} => key not found
"HKLM\System\CurrentControlSet\Services\dmwappushsvc" => removed successfully
dmwappushsvc => service removed successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKLM\System\CurrentControlSet\Services\wpcsvc" => removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\Yurda\AppData\Local\Temp => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 984377665 B
Java, Flash, Steam htmlcache => 26222430 B
Windows/system/drivers => 5548425 B
Edge => 66691 B
Chrome => 415663214 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 3054282 B
Yurda => 66474657 B

RecycleBin => 102 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

[Rudy]

Smazáno, log je již OK.

[Yurda]

Vse je jiz ok? FRST mam klasicky smazat ?

[Rudy]

Jestli je vše v pořádku bychom věděli až po hloubkovém skenu MBAM: http://www.malwarebytes.org/mbam.php . Chcete-li, udělejte kompletní sken a dejte log. Předem nic namžte. Psal jsem, že log FRST je OK.

[Yurda]

komplexni scan nic nenasel

[Rudy]

Potom je váš PC po stránce malware čistý.