JS miner? Please check my log
Posted: 27 May 2018 21:18
Hello, today my son probably pulled a miner onto the computer through an online YouTube-video-to-MP3 converter. After a while the computer disconnects the monitor, which reports that it has no signal, while the PC happily keeps running. He showed me 2 MP3 files that he saved; however, the DELETE option has disappeared in Explorer. Please check the log, or offer any advice. Thank you in advance.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vojta at 2018-05-27 21:11:41
Microsoft Windows 10 Home
System drive C: has 1029 GB (54%) free of 1907 GB
Total RAM: 16337 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:53, on 27/05/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Windows\syswow64\MsiExec.exe
C:\Users\Vojta\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Vojta.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH Authentication Agent (ssh-agent) - Unknown owner - C:\WINDOWS\System32\OpenSSH\ssh-agent.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 11926 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\16ewcldi.default
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2018-04-05 596664]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-09-25 2629632]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2017-06-09 3191728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-04-26 1624224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-10 27832264]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-03-18 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-03-18 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2018-03-18 356664]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-05-19 3200800]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-05-24 18364648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=lvcodec2.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-05-27 21:11:42 ----D---- C:\Program Files (x86)\trend micro
2018-05-27 21:11:41 ----D---- C:\rsit
2018-05-27 16:58:28 ----D---- C:\ProgramData\Malwarebytes
2018-05-27 16:56:31 ----HD---- C:\OneDriveTemp
2018-05-27 16:12:47 ----SHD---- C:\Config.Msi
2018-05-27 15:28:15 ----D---- C:\Program Files (x86)\Bonjour
2018-05-17 18:31:29 ----D---- C:\Users\Vojta\AppData\Roaming\AVAST Software
2018-05-17 18:18:59 ----D---- C:\ProgramData\AVAST Software
2018-05-17 15:44:49 ----D---- C:\ProgramData\Microsoft OneDrive
2018-05-17 14:32:23 ----D---- C:\Windows.old
2018-05-17 13:42:09 ----ASH---- C:\hiberfil.sys
2018-05-17 13:38:38 ----SD---- C:\Users\Vojta\AppData\Roaming\Microsoft
2018-05-17 13:37:17 ----A---- C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-05-17 13:37:17 ----A---- C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-05-17 13:37:17 ----A---- C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-17 13:37:16 ----D---- C:\Program Files (x86)\VulkanRT
2018-05-17 13:37:06 ----D---- C:\ProgramData\USOShared
2018-05-17 13:36:59 ----A---- C:\WINDOWS\SysWOW64\OpenCL.dll
2018-05-17 13:36:26 ----A---- C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-17 13:34:46 ----D---- C:\WINDOWS\Prefetch
2018-05-16 10:53:38 ----AS---- C:\WINDOWS\bootstat.dat
2018-05-16 10:52:21 ----D---- C:\WINDOWS\ServiceProfiles
2018-05-16 10:47:26 ----A---- C:\WINDOWS\SysWOW64\wmp.dll
2018-05-16 10:46:54 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-16 10:46:52 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-16 10:46:50 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-16 10:46:40 ----A---- C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-16 10:46:40 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-16 10:46:40 ----A---- C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-16 10:46:39 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-16 10:46:39 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-16 10:46:38 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2018-05-16 10:46:37 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-16 10:46:37 ----A---- C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-16 10:46:35 ----A---- C:\WINDOWS\SysWOW64\itss.dll
2018-05-16 10:46:35 ----A---- C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-16 10:46:33 ----A---- C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-16 10:46:32 ----A---- C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-16 10:46:27 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-16 10:46:27 ----A---- C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-16 10:46:27 ----A---- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-16 10:46:26 ----A---- C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-16 10:46:14 ----A---- C:\WINDOWS\SysWOW64\cdp.dll
2018-05-16 10:46:13 ----A---- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-16 10:46:13 ----A---- C:\WINDOWS\SysWOW64\tquery.dll
2018-05-16 10:46:13 ----A---- C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-16 10:45:52 ----A---- C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-16 10:45:51 ----A---- C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-16 10:45:51 ----A---- C:\WINDOWS\SysWOW64\wer.dll
2018-05-16 10:45:50 ----A---- C:\WINDOWS\SysWOW64\tzres.dll
2018-05-16 10:45:50 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\credssp.dll
2018-05-16 10:45:47 ----A---- C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-16 10:45:46 ----A---- C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-16 10:28:06 ----A---- C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-16 10:28:05 ----A---- C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-16 10:28:03 ----A---- C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-16 10:27:21 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-05-16 10:27:21 ----D---- C:\Program Files (x86)\MSBuild
2018-05-16 10:26:20 ----A---- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-16 10:26:19 ----A---- C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-16 10:26:19 ----A---- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-16 09:18:15 ----DC---- C:\WINDOWS\Panther
======List of files/folders modified in the last 1 month======
2018-05-27 21:11:42 ----RD---- C:\Program Files (x86)
2018-05-27 21:11:29 ----SHDC---- C:\WINDOWS\Installer
2018-05-27 21:11:25 ----D---- C:\WINDOWS\System32
2018-05-27 21:11:24 ----D---- C:\WINDOWS\INF
2018-05-27 21:11:22 ----D---- C:\WINDOWS\Temp
2018-05-27 21:09:38 ----SHD---- C:\System Volume Information
2018-05-27 21:07:59 ----D---- C:\Program Files (x86)\Steam
2018-05-27 21:06:07 ----D---- C:\WINDOWS\AppReadiness
2018-05-27 21:06:07 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-05-27 21:05:57 ----D---- C:\ProgramData\NVIDIA
2018-05-27 16:58:28 ----RD---- C:\Program Files
2018-05-27 16:58:28 ----HD---- C:\ProgramData
2018-05-27 16:41:53 ----D---- C:\Users\Vojta\AppData\Roaming\TS3Client
2018-05-27 16:38:11 ----D---- C:\Users\Vojta\AppData\Roaming\Apple Computer
2018-05-27 16:17:56 ----D---- C:\Program Files (x86)\Common Files\Steam
2018-05-27 15:29:30 ----D---- C:\ProgramData\Apple Computer
2018-05-27 15:28:27 ----D---- C:\ProgramData\Apple
2018-05-27 15:28:20 ----D---- C:\Program Files (x86)\Common Files\Apple
2018-05-27 15:28:15 ----D---- C:\WINDOWS\SysWOW64
2018-05-27 14:27:29 ----D---- C:\Users\Vojta\AppData\Roaming\Skype
2018-05-26 21:10:48 ----D---- C:\WINDOWS\Logs
2018-05-26 21:10:24 ----RD---- C:\WINDOWS\Microsoft.NET
2018-05-25 14:44:30 ----D---- C:\Program Files (x86)\NoSimplerAccounting 8.1
2018-05-24 16:56:12 ----D---- C:\WINDOWS\CbsTemp
2018-05-24 16:55:24 ----D---- C:\WINDOWS\WinSxS
2018-05-24 01:24:30 ----AD---- C:\Program Files (x86)\TeamViewer
2018-05-23 12:41:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-23 12:41:01 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-05-20 15:52:05 ----D---- C:\Windows
2018-05-18 15:58:38 ----RD---- C:\WINDOWS\assembly
2018-05-18 10:06:36 ----D---- C:\WINDOWS\SoftwareDistribution
2018-05-18 04:13:51 ----D---- C:\WINDOWS\appcompat
2018-05-17 22:53:11 ----D---- C:\WINDOWS\LiveKernelReports
2018-05-17 22:53:11 ----D---- C:\WINDOWS\debug
2018-05-17 15:46:03 ----RD---- C:\WINDOWS\PrintDialog
2018-05-17 14:32:38 ----RSD---- C:\WINDOWS\Fonts
2018-05-17 14:32:37 ----D---- C:\WINDOWS\SysWOW64\Macromed
2018-05-17 14:32:34 ----D---- C:\WINDOWS\SHELLNEW
2018-05-17 14:32:32 ----D---- C:\WINDOWS\Help
2018-05-17 14:32:31 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-05-17 14:32:31 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-05-17 14:32:31 ----AD---- C:\Program Files (x86)\Razer
2018-05-17 14:32:30 ----D---- C:\Program Files (x86)\Common Files\system
2018-05-17 14:32:30 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2018-05-17 14:32:30 ----D---- C:\Program Files (x86)\Common Files
2018-05-17 14:32:20 ----D---- C:\WINDOWS\Setup
2018-05-17 14:17:31 ----SD---- C:\ProgramData\Microsoft
2018-05-17 13:55:09 ----D---- C:\WINDOWS\Tasks
2018-05-17 13:54:02 ----D---- C:\WINDOWS\Registration
2018-05-17 13:48:48 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-17 13:38:38 ----RD---- C:\Users
2018-05-17 13:37:35 ----D---- C:\ProgramData\NVIDIA Corporation
2018-05-17 13:37:06 ----D---- C:\ProgramData\USOPrivate
2018-05-17 13:35:52 ----D---- C:\Program Files (x86)\Common Files\logishrd
2018-05-17 13:34:26 ----SHD---- C:\Recovery
2018-05-16 10:59:07 ----D---- C:\WINDOWS\twain_32
2018-05-16 10:55:12 ----D---- C:\Program Files (x86)\Windows Mail
2018-05-16 10:49:29 ----D---- C:\WINDOWS\TextInput
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\zu-ZA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\yo-NG
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\xh-ZA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\wo-SN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\vi-VN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ur-PK
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ug-CN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tt-RU
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tn-ZA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tk-TM
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ti-ET
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\te-IN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ta-IN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sw-KE
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sq-AL
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\si-LK
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\setup
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\rw-RW
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\quz-PE
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\prs-AF
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\pa-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\or-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\nso-ZA
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\nn-NO
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ne-NP
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mt-MT
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ms-MY
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mr-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mn-MN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ml-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mk-MK
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mi-NZ
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\lo-LA
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\lb-LU
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ky-KG
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\kok-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\kn-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\km-KH
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\kk-KZ
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ka-GE
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\is-IS
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ig-NG
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\id-ID
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\hy-AM
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\gu-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\gd-GB
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ga-IE
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\fil-PH
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\fa-IR
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\en-GB
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\cy-GB
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\bn-IN
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\bn-BD
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\be-BY
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\as-IN
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\am-ET
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\af-ZA
2018-05-16 10:49:25 ----D---- C:\WINDOWS\Provisioning
2018-05-16 10:49:24 ----D---- C:\WINDOWS\bcastdvr
2018-05-16 10:49:24 ----D---- C:\WINDOWS\apppatch
2018-05-16 10:49:24 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\zh-TW
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\zh-CN
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\uk-UA
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\tr-TR
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\th-TH
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\sv-SE
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\sr-Latn-RS
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\sl-SI
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\sk-SK
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ru-RU
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ro-RO
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\pt-PT
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\pt-BR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\pl-PL
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\nl-NL
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\nb-NO
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\lv-LV
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\lt-LT
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ko-KR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ja-JP
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\it-IT
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\hu-HU
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\hr-HR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\he-IL
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\fr-FR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\fr-CA
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\fi-FI
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\et-EE
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\es-MX
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\es-ES
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\en-US
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\el-GR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\de-DE
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\da-DK
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\bg-BG
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ar-SA
2018-05-16 10:23:34 ----D---- C:\WINDOWS\OCR
2018-05-01 22:22:36 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-30 15:27:14 ----SHD---- C:\$Recycle.Bin
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys []
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys []
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys []
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys []
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 29696]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys []
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys []
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys []
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys []
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
R2 rzpmgrk;rzpmgrk; \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys []
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys []
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys []
R3 lvrs64;@oem84.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys []
R3 LVUVC64;@oem60.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys []
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys []
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys []
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys []
R3 MEIx64;@oem93.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys []
R3 NVHDA;@oem72.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_2707c70d42c54b4e\nvlddmkm.sys [2018-02-01 17036560]
R3 nvvad_WaveExtensible;@oem21.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
R3 nvvhci;@oem40.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys []
R3 rt640x64;@oem17.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys []
R3 rzendpt;@oem34.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys []
R3 rzmpos;@oem6.inf,%rzmpos.SvcDesc%;rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys []
R3 rzudd;@oem7.inf,%Razer.SvcDesc%;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys []
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 CorsairVBusDriver;Corsair Bus; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys []
S3 CorsairVHidDriver;Corsair virtual device; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 Netaapl;@oem75.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\WINDOWS\System32\drivers\netaapl64.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys []
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\SysWOW64\drivers\ReFSv1.sys []
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys []
S3 rzbtendpt;Razer Bluetooth End Point; C:\WINDOWS\System32\drivers\rzbtendpt.sys []
S3 rzdaendpt;Razer DeathAdder end point; C:\WINDOWS\System32\drivers\rzdaendpt.sys []
S3 rzhnet;Razer Inc. External Display Driver; C:\WINDOWS\System32\Drivers\rzhnet.sys []
S3 rzjstk;Razer Virtual Joystick Driver; C:\WINDOWS\System32\drivers\rzjstk.sys []
S3 rzkeypadendpt;Razer Keypad Endpoint; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys []
S3 rzp1endpt;Razer platform 1 end point; C:\WINDOWS\System32\drivers\rzp1endpt.sys []
S3 rzvkeyboard;Razer Virtual Keyboard Driver; C:\WINDOWS\System32\drivers\rzvkeyboard.sys []
S3 rzvmouse;Razer Virtual Mouse; C:\WINDOWS\System32\drivers\rzvmouse.sys []
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-03-29 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-17 317280]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 CDPUserSvc_6e777;Connected Devices Platform User Service_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-19 463856]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 OneSyncSvc_6e777;Sync Host_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 Razer Chroma SDK Server;Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2018-01-10 439936]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2018-01-10 943232]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2018-03-14 189776]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe []
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe []
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-17 7620096]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 PimIndexMaintenanceSvc_6e777;Contact Data_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-02 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BcastDVRUserService_6e777;GameDVR and Broadcast User Service_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BluetoothUserService_6e777;Bluetooth User Support Service_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicePickerUserSvc_6e777;DevicePicker_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicesFlowUserSvc_6e777;DevicesFlow_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-02 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 MessagingService_6e777;MessagingService_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-05-20 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PrintWorkflowUserSvc_6e777;PrintWorkflow_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe []
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
-----------------EOF-----------------
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 11926 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\16ewcldi.default
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2018-04-05 596664]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-09-25 2629632]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2017-06-09 3191728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-04-26 1624224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-10 27832264]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-03-18 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-03-18 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2018-03-18 356664]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-05-19 3200800]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-05-24 18364648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=lvcodec2.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-05-27 21:11:42 ----D---- C:\Program Files (x86)\trend micro
2018-05-27 21:11:41 ----D---- C:\rsit
2018-05-27 16:58:28 ----D---- C:\ProgramData\Malwarebytes
2018-05-27 16:56:31 ----HD---- C:\OneDriveTemp
2018-05-27 16:12:47 ----SHD---- C:\Config.Msi
2018-05-27 15:28:15 ----D---- C:\Program Files (x86)\Bonjour
2018-05-17 18:31:29 ----D---- C:\Users\Vojta\AppData\Roaming\AVAST Software
2018-05-17 18:18:59 ----D---- C:\ProgramData\AVAST Software
2018-05-17 15:44:49 ----D---- C:\ProgramData\Microsoft OneDrive
2018-05-17 14:32:23 ----D---- C:\Windows.old
2018-05-17 13:42:09 ----ASH---- C:\hiberfil.sys
2018-05-17 13:38:38 ----SD---- C:\Users\Vojta\AppData\Roaming\Microsoft
2018-05-17 13:37:17 ----A---- C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-05-17 13:37:17 ----A---- C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-05-17 13:37:17 ----A---- C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-17 13:37:16 ----D---- C:\Program Files (x86)\VulkanRT
2018-05-17 13:37:06 ----D---- C:\ProgramData\USOShared
2018-05-17 13:36:59 ----A---- C:\WINDOWS\SysWOW64\OpenCL.dll
2018-05-17 13:36:26 ----A---- C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-17 13:34:46 ----D---- C:\WINDOWS\Prefetch
2018-05-16 10:53:38 ----AS---- C:\WINDOWS\bootstat.dat
2018-05-16 10:52:21 ----D---- C:\WINDOWS\ServiceProfiles
2018-05-16 10:47:26 ----A---- C:\WINDOWS\SysWOW64\wmp.dll
2018-05-16 10:46:54 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-16 10:46:53 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-16 10:46:52 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-16 10:46:51 ----A---- C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-16 10:46:50 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-16 10:46:40 ----A---- C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-16 10:46:40 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-16 10:46:40 ----A---- C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-16 10:46:39 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-16 10:46:39 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-16 10:46:38 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2018-05-16 10:46:37 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-16 10:46:37 ----A---- C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-16 10:46:36 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-16 10:46:35 ----A---- C:\WINDOWS\SysWOW64\itss.dll
2018-05-16 10:46:35 ----A---- C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-16 10:46:33 ----A---- C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-16 10:46:32 ----A---- C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-16 10:46:27 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-16 10:46:27 ----A---- C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-16 10:46:27 ----A---- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-16 10:46:26 ----A---- C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-16 10:46:14 ----A---- C:\WINDOWS\SysWOW64\cdp.dll
2018-05-16 10:46:13 ----A---- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-16 10:46:13 ----A---- C:\WINDOWS\SysWOW64\tquery.dll
2018-05-16 10:46:13 ----A---- C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-16 10:45:52 ----A---- C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-16 10:45:51 ----A---- C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-16 10:45:51 ----A---- C:\WINDOWS\SysWOW64\wer.dll
2018-05-16 10:45:50 ----A---- C:\WINDOWS\SysWOW64\tzres.dll
2018-05-16 10:45:50 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-16 10:45:48 ----A---- C:\WINDOWS\SysWOW64\credssp.dll
2018-05-16 10:45:47 ----A---- C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-16 10:45:46 ----A---- C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-16 10:28:06 ----A---- C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-16 10:28:05 ----A---- C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-16 10:28:03 ----A---- C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-16 10:27:21 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-05-16 10:27:21 ----D---- C:\Program Files (x86)\MSBuild
2018-05-16 10:26:20 ----A---- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-16 10:26:19 ----A---- C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-16 10:26:19 ----A---- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-16 09:18:15 ----DC---- C:\WINDOWS\Panther
======List of files/folders modified in the last 1 month======
2018-05-27 21:11:42 ----RD---- C:\Program Files (x86)
2018-05-27 21:11:29 ----SHDC---- C:\WINDOWS\Installer
2018-05-27 21:11:25 ----D---- C:\WINDOWS\System32
2018-05-27 21:11:24 ----D---- C:\WINDOWS\INF
2018-05-27 21:11:22 ----D---- C:\WINDOWS\Temp
2018-05-27 21:09:38 ----SHD---- C:\System Volume Information
2018-05-27 21:07:59 ----D---- C:\Program Files (x86)\Steam
2018-05-27 21:06:07 ----D---- C:\WINDOWS\AppReadiness
2018-05-27 21:06:07 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-05-27 21:05:57 ----D---- C:\ProgramData\NVIDIA
2018-05-27 16:58:28 ----RD---- C:\Program Files
2018-05-27 16:58:28 ----HD---- C:\ProgramData
2018-05-27 16:41:53 ----D---- C:\Users\Vojta\AppData\Roaming\TS3Client
2018-05-27 16:38:11 ----D---- C:\Users\Vojta\AppData\Roaming\Apple Computer
2018-05-27 16:17:56 ----D---- C:\Program Files (x86)\Common Files\Steam
2018-05-27 15:29:30 ----D---- C:\ProgramData\Apple Computer
2018-05-27 15:28:27 ----D---- C:\ProgramData\Apple
2018-05-27 15:28:20 ----D---- C:\Program Files (x86)\Common Files\Apple
2018-05-27 15:28:15 ----D---- C:\WINDOWS\SysWOW64
2018-05-27 14:27:29 ----D---- C:\Users\Vojta\AppData\Roaming\Skype
2018-05-26 21:10:48 ----D---- C:\WINDOWS\Logs
2018-05-26 21:10:24 ----RD---- C:\WINDOWS\Microsoft.NET
2018-05-25 14:44:30 ----D---- C:\Program Files (x86)\NoSimplerAccounting 8.1
2018-05-24 16:56:12 ----D---- C:\WINDOWS\CbsTemp
2018-05-24 16:55:24 ----D---- C:\WINDOWS\WinSxS
2018-05-24 01:24:30 ----AD---- C:\Program Files (x86)\TeamViewer
2018-05-23 12:41:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-23 12:41:01 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-05-20 15:52:05 ----D---- C:\Windows
2018-05-18 15:58:38 ----RD---- C:\WINDOWS\assembly
2018-05-18 10:06:36 ----D---- C:\WINDOWS\SoftwareDistribution
2018-05-18 04:13:51 ----D---- C:\WINDOWS\appcompat
2018-05-17 22:53:11 ----D---- C:\WINDOWS\LiveKernelReports
2018-05-17 22:53:11 ----D---- C:\WINDOWS\debug
2018-05-17 15:46:03 ----RD---- C:\WINDOWS\PrintDialog
2018-05-17 14:32:38 ----RSD---- C:\WINDOWS\Fonts
2018-05-17 14:32:37 ----D---- C:\WINDOWS\SysWOW64\Macromed
2018-05-17 14:32:34 ----D---- C:\WINDOWS\SHELLNEW
2018-05-17 14:32:32 ----D---- C:\WINDOWS\Help
2018-05-17 14:32:31 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-05-17 14:32:31 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-05-17 14:32:31 ----AD---- C:\Program Files (x86)\Razer
2018-05-17 14:32:30 ----D---- C:\Program Files (x86)\Common Files\system
2018-05-17 14:32:30 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2018-05-17 14:32:30 ----D---- C:\Program Files (x86)\Common Files
2018-05-17 14:32:20 ----D---- C:\WINDOWS\Setup
2018-05-17 14:17:31 ----SD---- C:\ProgramData\Microsoft
2018-05-17 13:55:09 ----D---- C:\WINDOWS\Tasks
2018-05-17 13:54:02 ----D---- C:\WINDOWS\Registration
2018-05-17 13:48:48 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-17 13:38:38 ----RD---- C:\Users
2018-05-17 13:37:35 ----D---- C:\ProgramData\NVIDIA Corporation
2018-05-17 13:37:06 ----D---- C:\ProgramData\USOPrivate
2018-05-17 13:35:52 ----D---- C:\Program Files (x86)\Common Files\logishrd
2018-05-17 13:34:26 ----SHD---- C:\Recovery
2018-05-16 10:59:07 ----D---- C:\WINDOWS\twain_32
2018-05-16 10:55:12 ----D---- C:\Program Files (x86)\Windows Mail
2018-05-16 10:49:29 ----D---- C:\WINDOWS\TextInput
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\zu-ZA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\yo-NG
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\xh-ZA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\wo-SN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\vi-VN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ur-PK
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ug-CN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tt-RU
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tn-ZA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tk-TM
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ti-ET
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\te-IN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\ta-IN
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sw-KE
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\sq-AL
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\si-LK
2018-05-16 10:49:29 ----D---- C:\WINDOWS\SysWOW64\setup
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\rw-RW
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\quz-PE
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\prs-AF
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\pa-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\or-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\nso-ZA
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\nn-NO
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ne-NP
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mt-MT
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ms-MY
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mr-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mn-MN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ml-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mk-MK
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\mi-NZ
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\lo-LA
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\lb-LU
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ky-KG
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\kok-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\kn-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\km-KH
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\kk-KZ
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ka-GE
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\is-IS
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ig-NG
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\id-ID
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\hy-AM
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\gu-IN
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\gd-GB
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\ga-IE
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\fil-PH
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\fa-IR
2018-05-16 10:49:28 ----D---- C:\WINDOWS\SysWOW64\en-GB
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\cy-GB
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\bn-IN
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\bn-BD
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\be-BY
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\as-IN
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\am-ET
2018-05-16 10:49:27 ----D---- C:\WINDOWS\SysWOW64\af-ZA
2018-05-16 10:49:25 ----D---- C:\WINDOWS\Provisioning
2018-05-16 10:49:24 ----D---- C:\WINDOWS\bcastdvr
2018-05-16 10:49:24 ----D---- C:\WINDOWS\apppatch
2018-05-16 10:49:24 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\zh-TW
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\zh-CN
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\uk-UA
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\tr-TR
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\th-TH
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\sv-SE
2018-05-16 10:28:18 ----D---- C:\WINDOWS\SysWOW64\sr-Latn-RS
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\sl-SI
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\sk-SK
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ru-RU
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ro-RO
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\pt-PT
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\pt-BR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\pl-PL
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\nl-NL
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\nb-NO
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\lv-LV
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\lt-LT
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ko-KR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ja-JP
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\it-IT
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\hu-HU
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\hr-HR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\he-IL
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\fr-FR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\fr-CA
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\fi-FI
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\et-EE
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\es-MX
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\es-ES
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\en-US
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\el-GR
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\de-DE
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\da-DK
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\bg-BG
2018-05-16 10:28:17 ----D---- C:\WINDOWS\SysWOW64\ar-SA
2018-05-16 10:23:34 ----D---- C:\WINDOWS\OCR
2018-05-01 22:22:36 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-30 15:27:14 ----SHD---- C:\$Recycle.Bin
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys []
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys []
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys []
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys []
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 29696]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys []
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys []
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys []
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys []
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
R2 rzpmgrk;rzpmgrk; \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys []
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys []
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys []
R3 lvrs64;@oem84.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys []
R3 LVUVC64;@oem60.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys []
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys []
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys []
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys []
R3 MEIx64;@oem93.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys []
R3 NVHDA;@oem72.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_2707c70d42c54b4e\nvlddmkm.sys [2018-02-01 17036560]
R3 nvvad_WaveExtensible;@oem21.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
R3 nvvhci;@oem40.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys []
R3 rt640x64;@oem17.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys []
R3 rzendpt;@oem34.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys []
R3 rzmpos;@oem6.inf,%rzmpos.SvcDesc%;rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys []
R3 rzudd;@oem7.inf,%Razer.SvcDesc%;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys []
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 CorsairVBusDriver;Corsair Bus; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys []
S3 CorsairVHidDriver;Corsair virtual device; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 Netaapl;@oem75.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\WINDOWS\System32\drivers\netaapl64.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys []
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\SysWOW64\drivers\ReFSv1.sys []
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys []
S3 rzbtendpt;Razer Bluetooth End Point; C:\WINDOWS\System32\drivers\rzbtendpt.sys []
S3 rzdaendpt;Razer DeathAdder end point; C:\WINDOWS\System32\drivers\rzdaendpt.sys []
S3 rzhnet;Razer Inc. External Display Driver; C:\WINDOWS\System32\Drivers\rzhnet.sys []
S3 rzjstk;Razer Virtual Joystick Driver; C:\WINDOWS\System32\drivers\rzjstk.sys []
S3 rzkeypadendpt;Razer Keypad Endpoint; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys []
S3 rzp1endpt;Razer platform 1 end point; C:\WINDOWS\System32\drivers\rzp1endpt.sys []
S3 rzvkeyboard;Razer Virtual Keyboard Driver; C:\WINDOWS\System32\drivers\rzvkeyboard.sys []
S3 rzvmouse;Razer Virtual Mouse; C:\WINDOWS\System32\drivers\rzvmouse.sys []
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-03-29 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-17 317280]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 CDPUserSvc_6e777;Connected Devices Platform User Service_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-19 463856]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 OneSyncSvc_6e777;Sync Host_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 Razer Chroma SDK Server;Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2018-01-10 439936]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2018-01-10 943232]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2018-03-14 189776]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe []
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe []
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-17 7620096]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 PimIndexMaintenanceSvc_6e777;Contact Data_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-02 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BcastDVRUserService_6e777;GameDVR and Broadcast User Service_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BluetoothUserService_6e777;Bluetooth User Support Service_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicePickerUserSvc_6e777;DevicePicker_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicesFlowUserSvc_6e777;DevicesFlow_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-02 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 MessagingService_6e777;MessagingService_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-05-20 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PrintWorkflowUserSvc_6e777;PrintWorkflow_6e777; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe []
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
-----------------EOF-----------------