
After a certain time the PC starts stuttering


#1 Post by roki »

After a long while I am turning to you again with a request for help.

After the PC has been running for some time (approx. 6 hours or more), a certain... "stuttering" starts to show.
It is most noticeable during video playback, where it simply stutters every x seconds. After a restart it is OK again.

I have no idea what could be causing it :(
At the time of writing this post, for example, it is already stuttering, but CPU usage stays very low and the temperature is between 30 and 35 degrees. The GPU is similar.


Logfile of random's system information tool 1.10 (written by random/random)
Run by roman at 2018-03-24 17:38:29
Microsoft Windows 10 Pro
System drive C: has 205 GB (43%) free of 476 GB
Total RAM: 32689 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:38:31, on 24. 3. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Users\roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Winstep\Nexus.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AudioSwitch\AudioSwitch.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\trend micro\roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\MIF5BA~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [XPE] "C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe" -hide:100
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Allway Sync] "C:\Program Files\Allway Sync\Bin\syncappw.exe" -m
O4 - HKCU\..\Run: [Nexus] C:\Program Files (x86)\Winstep\Nexus.exe autostart
O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Users\roman\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: AudioSwitch.lnk = C:\Program Files (x86)\AudioSwitch\AudioSwitch.exe
O4 - Startup: Odoslanie do aplikácie OneNote.lnk = C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office16\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{b5e3a558-6488-4454-a502-8b82fc3206bc}: NameServer = 192.168.17.1,8.8.8.8
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator-cbfs6 - {FDA28D58-2F87-4F10-B764-55EFBCF55159} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {FDA28D58-2F87-4F10-B764-55EFBCF55159} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - C:\Program Files\Allway Sync\Bin\SyncService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2017 64-bit (mi-raysat_3dsmax2017_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\WINDOWS\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12782 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BDESVC
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s UmRdpService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p

c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s HvHost
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\Allway Sync\Bin\SyncService.exe" service
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"

"C:\Program Files (x86)\Winstep\WsxService"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

C:\WINDOWS\system32\vmms.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {7d47d18e-8e4e-4983-8a815227db1345da}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\vmcompute.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s hns
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s SharedAccess
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SEMgrSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Allway Sync\Bin\syncappw.exe" -m
"C:\Program Files (x86)\Winstep\Nexus.exe" autostart
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AudioSwitch\AudioSwitch.exe"
"C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\totalcmd\TOTALCMD64.EXE"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"D:\Roman\Programy\SQLiteStudio\SQLiteStudio.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Users\roman\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe"
C:\Windows\System32\DataExchangeHost.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files\Opera\51.0.2830.55\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\51.0.2830.55\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=8740
"C:\Program Files\Opera\51.0.2830.55\opera.exe" --type=gpu-process --field-trial-handle=1644,15263020018687148410,17359538177104638395,131072 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=9632 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x10de --gpu-device-id=0x1c03 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.9077 --gpu-driver-date=1-23-2018 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=9632 --service-request-channel-token=B82B56B3CC54B57B1BE0E5970643E2FB --mojo-platform-channel-handle=1660 --ignored=" --type=renderer " /prefetch:2
3;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=9C4E71E4F9BE71FB07D71254FBD9A4FC --renderer-client-id=6 --mojo-platform-channel-handle=5004 /prefetch:1
"C:\Program Files\Opera\51.0.2830.55\opera.exe" --type=renderer --field-trial-handle=1644,15263020018687148410,17359538177104638395,131072 --service-pipe-token=95224C9D631DD4FD612034F651A27723 --lang=sk --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=9632 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,355
3;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=95224C9D631DD4FD612034F651A27723 --renderer-client-id=10 --mojo-platform-channel-handle=4876 /prefetch:1
"C:\Program Files\Opera\51.0.2830.55\opera.exe" --type=renderer --field-trial-handle=1644,15263020018687148410,17359538177104638395,131072 --service-pipe-token=0C6179605BCAB216723BA83D6490D12A --lang=sk --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=9632 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,355
3;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=0C6179605BCAB216723BA83D6490D12A --renderer-client-id=11 --mojo-platform-channel-handle=4784 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe"
taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin\Roslyn\VBCSCompiler.exe" "-pipename:roman.F.hqnh6zB+n8iVik27Lt9aFdnYN"
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x628
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\roman\AppData\Roaming\Mozilla\Firefox\Profiles\6ir86kfq.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX® Web Player
"Path"=C:\Windows\system32\C2MP\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.161.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\MIF5BA~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\MICROS~3\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\MICROS~3\Office16\GROOVEEX.DLL [2015-07-31 2165976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\MIF5BA~1\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19 188992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2017-07-10 17662072]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-12-11 297272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-07 1559200]
"Allway Sync"=C:\Program Files\Allway Sync\Bin\syncappw.exe [2016-05-26 100904]
"Nexus"=C:\Program Files (x86)\Winstep\Nexus.exe [2017-01-27 13910656]
"AdobeBridge"= []
"7 Taskbar Tweaker"=C:\Users\roman\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [2017-10-19 424960]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2018-01-09 3237808]
"XPE"=C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe [2015-08-21 28672]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2016-07-01 721856]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2017-12-08 67896]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-11-16 318128]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

C:\Users\roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AudioSwitch.lnk - C:\Program Files (x86)\AudioSwitch\AudioSwitch.exe
Odoslanie do aplikácie OneNote.lnk - C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator-cbfs6 - {FDA28D58-2F87-4F10-B764-55EFBCF55159} - C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21 196000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {FDA28D58-2F87-4F10-B764-55EFBCF55159} - C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21 196000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableCursorSuppression"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=3

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"vidc.XVID"=xvidvfw.dll
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"midi"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-24 10:10:57 ----D---- C:\Users\roman\AppData\Roaming\Musixmatch
2018-03-24 10:05:34 ----D---- C:\Users\roman\AppData\Roaming\mp3tagpro
2018-03-24 09:26:40 ----D---- C:\Program Files (x86)\Microsoft Web Tools
2018-03-24 09:26:31 ----D---- C:\Users\roman\AppData\Roaming\7+ Taskbar Tweaker
2018-03-24 09:24:52 ----D---- C:\Program Files (x86)\Windows Phone Kits
2018-03-24 09:24:25 ----D---- C:\Program Files (x86)\NuGet
2018-03-24 09:16:43 ----D---- C:\Users\roman\AppData\Roaming\Microsoft Visual Studio
2018-03-24 08:02:12 ----HD---- C:\OneDriveTemp
2018-03-18 08:10:54 ----D---- C:\Program Files (x86)\WondershareUpdate
2018-03-18 08:10:46 ----D---- C:\Users\roman\AppData\Roaming\Wondershare
2018-03-18 08:10:18 ----D---- C:\ProgramData\GraphicsType
2018-03-18 08:09:52 ----D---- C:\ProgramData\Wondershare
2018-03-18 08:09:52 ----D---- C:\Program Files (x86)\Wondershare
2018-03-18 07:55:48 ----D---- C:\Program Files (x86)\4KDownload
2018-03-16 16:42:29 ----D---- C:\Program Files (x86)\ImageWriter
2018-03-14 10:49:49 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\SYSWOW64\AcSpecfc.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 10:49:49 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 10:49:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 10:49:48 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-03-14 10:49:48 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-03-14 10:49:48 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-03-14 10:49:47 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-03-14 10:49:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-03-14 10:49:47 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-03-14 10:49:47 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-03-14 10:49:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-03-14 10:49:47 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2018-03-14 10:49:46 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-03-14 10:49:46 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-03-14 10:49:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-03-14 10:49:46 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-03-14 10:49:46 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-03-14 10:49:46 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2018-03-14 10:49:46 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-03-14 10:49:46 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-03-14 10:49:46 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2018-03-14 10:49:45 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-03-14 10:49:45 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2018-03-14 10:49:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-03-14 10:49:44 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-03-14 10:49:44 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-03-14 10:49:44 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-03-14 10:49:44 ----A---- C:\WINDOWS\system32\vmwp.exe
2018-03-14 10:49:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-03-14 10:49:44 ----A---- C:\WINDOWS\system32\samsrv.dll
2018-03-14 10:49:44 ----A---- C:\WINDOWS\system32\drivers\vmbusr.sys
2018-03-14 10:49:44 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-03-14 10:49:44 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-03-14 10:49:43 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-03-14 10:49:43 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2018-03-14 10:49:43 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\jscript.dll
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-03-14 10:49:42 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-03-14 10:49:41 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-03-14 10:49:41 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\wininet.dll
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\msIso.dll
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 10:49:40 ----A---- C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 10:49:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-03-14 10:49:39 ----A---- C:\WINDOWS\system32\drivers\vmswitch.sys
2018-03-14 10:49:39 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2018-03-14 10:49:38 ----A---- C:\WINDOWS\system32\winmde.dll
2018-03-14 10:49:38 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-03-14 10:49:38 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-03-14 10:49:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-03-14 10:49:38 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-03-14 10:49:38 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-03-14 10:49:37 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-03-14 10:49:37 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-03-14 10:49:36 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-03-14 10:49:36 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-03-14 10:49:36 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-03-14 10:49:36 ----A---- C:\WINDOWS\system32\shell32.dll
2018-03-14 10:49:35 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-03-14 10:49:35 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 10:49:34 ----A---- C:\WINDOWS\system32\usocore.dll
2018-03-14 10:49:34 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-03-14 10:49:34 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-03-14 10:49:34 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-14 10:49:34 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-14 10:49:34 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 10:49:31 ----A---- C:\WINDOWS\system32\winresume.exe
2018-03-14 10:49:31 ----A---- C:\WINDOWS\system32\winload.exe
2018-03-14 10:49:31 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-03-14 10:49:30 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\invagent.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\devinv.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\cdp.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\aepic.dll
2018-03-14 10:49:30 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\SYSWOW64\AuthFWSnapin.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\msi.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 10:49:29 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\UsoClient.exe
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\updatecsp.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\svf.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\racpldlg.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\offlinesam.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\msra.exe
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\msisip.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\HdAudio.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\credssp.dll
2018-03-14 10:49:28 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2018-03-07 19:45:07 ----D---- C:\Users\roman\AppData\Roaming\Spotify
2018-03-01 10:31:33 ----D---- C:\WINDOWS\system32\drivers\wd

======List of files/folders modified in the last 1 month======

2018-03-24 17:38:31 ----D---- C:\Program Files\trend micro
2018-03-24 17:31:36 ----D---- C:\WINDOWS\Prefetch
2018-03-24 16:52:06 ----D---- C:\WINDOWS\system32\sru
2018-03-24 16:11:09 ----D---- C:\Users\roman\AppData\Roaming\sqlitestudio
2018-03-24 16:02:38 ----D---- C:\WINDOWS\Temp
2018-03-24 16:02:37 ----D---- C:\WINDOWS\system32\SleepStudy
2018-03-24 10:09:57 ----D---- C:\Users\roman\AppData\Roaming\MusicBee
2018-03-24 10:08:55 ----RD---- C:\Program Files (x86)
2018-03-24 09:37:37 ----RD---- C:\WINDOWS\Microsoft.NET
2018-03-24 09:28:16 ----D---- C:\Users\roman\AppData\Roaming\Visual Studio Setup
2018-03-24 09:27:12 ----SHD---- C:\WINDOWS\Installer
2018-03-24 09:27:11 ----D---- C:\Program Files (x86)\Microsoft SDKs
2018-03-24 09:27:04 ----RD---- C:\WINDOWS\assembly
2018-03-24 09:26:27 ----D---- C:\Program Files\IIS Express
2018-03-24 09:26:27 ----D---- C:\Program Files (x86)\IIS Express
2018-03-24 09:24:44 ----SD---- C:\ProgramData\Microsoft
2018-03-24 09:24:42 ----D---- C:\WINDOWS\SysWOW64
2018-03-24 09:24:41 ----D---- C:\WINDOWS\System32
2018-03-24 09:24:34 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2018-03-24 09:21:52 ----AD---- C:\Program Files\dotnet
2018-03-24 09:21:50 ----D---- C:\ProgramData\Package Cache
2018-03-24 09:21:38 ----D---- C:\Program Files (x86)\Common Files
2018-03-24 09:21:28 ----D---- C:\Program Files\Common Files\microsoft shared
2018-03-24 09:21:07 ----D---- C:\Program Files (x86)\Windows Kits
2018-03-24 09:17:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-03-24 09:17:12 ----SHD---- C:\System Volume Information
2018-03-24 08:03:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-24 08:03:50 ----AD---- C:\Program Files\Mozilla Firefox
2018-03-24 08:03:17 ----D---- C:\Users\roman\AppData\Roaming\WTablet
2018-03-24 07:50:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-24 07:50:04 ----D---- C:\WINDOWS\DeliveryOptimization
2018-03-24 07:43:57 ----D---- C:\ProgramData\NVIDIA
2018-03-23 21:43:58 ----D---- C:\WINDOWS\Logs
2018-03-23 21:43:54 ----D---- C:\Windows
2018-03-23 20:11:45 ----D---- C:\Users\roman\AppData\Roaming\KeePass
2018-03-23 18:56:09 ----D---- C:\WINDOWS\system32\LogFiles
2018-03-23 18:56:02 ----D---- C:\WINDOWS\system32\config
2018-03-23 16:49:22 ----HD---- C:\Program Files\WindowsApps
2018-03-23 16:49:22 ----D---- C:\WINDOWS\AppReadiness
2018-03-22 07:13:04 ----D---- C:\WINDOWS\INF
2018-03-21 21:17:56 ----D---- C:\WINDOWS\SoftwareDistribution
2018-03-21 21:06:58 ----D---- C:\Users\roman\AppData\Roaming\XnView
2018-03-21 21:06:58 ----D---- C:\Program Files (x86)\Steam
2018-03-21 21:06:55 ----D---- C:\WINDOWS\debug
2018-03-21 18:42:21 ----AD---- C:\Program Files (x86)\Microsoft VS Code
2018-03-18 08:10:18 ----HD---- C:\ProgramData
2018-03-18 08:09:52 ----RSD---- C:\WINDOWS\Fonts
2018-03-18 08:05:22 ----D---- C:\Users\roman\AppData\Roaming\vlc
2018-03-18 07:58:58 ----D---- C:\Program Files\GoPro
2018-03-18 07:55:49 ----SD---- C:\Users\roman\AppData\Roaming\Microsoft
2018-03-17 20:11:19 ----D---- C:\WINDOWS\system32\DriverStore
2018-03-17 20:11:18 ----D---- C:\WINDOWS\WinSxS
2018-03-17 19:41:56 ----D---- C:\Users\roman\AppData\Roaming\Exodus
2018-03-17 13:47:21 ----D---- C:\Users\roman\AppData\Roaming\HandBrake
2018-03-17 09:03:24 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2018-03-16 18:34:42 ----D---- C:\WINDOWS\rescache
2018-03-14 17:18:24 ----D---- C:\WINDOWS\system32\Tasks
2018-03-14 15:40:07 ----D---- C:\WINDOWS\system32\catroot2
2018-03-14 13:17:50 ----D---- C:\WINDOWS\system32\drivers
2018-03-14 11:30:35 ----D---- C:\WINDOWS\TextInput
2018-03-14 11:30:34 ----D---- C:\WINDOWS\system32\sk-SK
2018-03-14 11:30:34 ----D---- C:\WINDOWS\system32\en-US
2018-03-14 11:30:34 ----D---- C:\WINDOWS\system32\Boot
2018-03-14 11:30:34 ----D---- C:\WINDOWS\system32\appraiser
2018-03-14 11:30:34 ----D---- C:\WINDOWS\ShellExperiences
2018-03-14 11:30:34 ----D---- C:\WINDOWS\PolicyDefinitions
2018-03-14 11:30:34 ----D---- C:\WINDOWS\apppatch
2018-03-14 11:30:29 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-03-14 10:52:29 ----D---- C:\WINDOWS\system32\MRT
2018-03-14 10:52:27 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 10:52:23 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-03-14 10:50:33 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-03-14 10:50:32 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-03-14 09:42:09 ----D---- C:\WINDOWS\CbsTemp
2018-03-11 18:27:43 ----D---- C:\WINDOWS\system32\NDF
2018-03-09 15:35:35 ----AD---- C:\Program Files\Opera
2018-03-03 11:18:45 ----D---- C:\Users\roman\AppData\Roaming\Notepad++
2018-03-02 22:09:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-03-01 10:41:41 ----RD---- C:\Program Files\Windows Defender
2018-02-27 18:41:45 ----RD---- C:\Program Files
2018-02-25 08:13:05 ----D---- C:\WINDOWS\AutoKMS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-09-30 293272]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 cbfs6;cbfs6; \??\C:\Windows\system32\drivers\cbfs6.sys [2016-09-21 460992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 MpKslc504ba25;MpKslc504ba25; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4C461F2B-4241-4312-AD4E-5D942A726A84}\MpKslc504ba25.sys [2018-03-24 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 LGCoreTemp;Logitech CPU Core Tempurature; \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [2015-06-21 14184]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
R3 hvsocketcontrol;hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [2017-09-30 26112]
R3 LGBusEnum;@oem9.inf,%LGBusEnum.SVCDESC%;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2017-07-10 36496]
R3 LGJoyXlCore;@oem9.inf,%LGJoyXlCore.SVCDESC%;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2017-07-10 67736]
R3 MEIx64;@oem16.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-07-27 206496]
R3 NVHDA;@oem47.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [2018-01-24 17493824]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-29 604160]
R3 SteamStreamingMicrophone;@oem12.inf,%SteamStreamingMicrophone.SvcDesc%;Steam Streaming Microphone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [2017-07-28 40736]
R3 SteamStreamingSpeakers;@oem26.inf,%SteamStreamingSpeakers.SvcDesc%;Steam Streaming Speakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [2017-07-21 40736]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-09-30 126872]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-09-30 158616]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-09-30 143768]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem25.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 LGVirHid;@oem42.inf,%LGVirHid.SVCDESC%;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2017-07-10 26008]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2017-09-30 23040]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2017-09-30 24064]
S3 pcip;@wpcip.inf,%pcip.SVCDESC%;PCI Proxy driver; C:\WINDOWS\System32\drivers\pcip.sys [2017-09-30 48128]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2017-09-30 51712]
S3 ramparser;@%systemroot%\system32\drivers\ramparser.sys,-10010; C:\WINDOWS\system32\drivers\ramparser.sys [2017-09-30 31744]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-11-27 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 BotkindSyncService;Botkind Service; C:\Program Files\Allway Sync\Bin\SyncService.exe [2016-05-26 262144]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_275cc6;Connected Devices Platform User Service_275cc6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2017-09-28 21304]
R2 LogiRegistryService;Logitech Gaming Registry Service; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2017-07-10 225400]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-09-15 86016]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-01-24 462920]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-24 460872]
R2 OneSyncSvc_275cc6;Sync Host_275cc6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2016-04-30 131776]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R3 hns;@%systemroot%\system32\HostNetSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_275cc6;Kontaktné údaje_275cc6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-11 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_275cc6;DevicesFlow_275cc6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-03-01 1591264]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-30 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-11 153752]
S3 HgClientService;@%SystemRoot%\System32\hgclientservice.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-12-11 672568]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_275cc6;MessagingService_275cc6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 mi-raysat_3dsmax2017_64;mental ray Satellite for Autodesk 3ds Max 2017 64-bit; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [2011-09-15 86016]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-03-24 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_275cc6;PrintWorkflow_275cc6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-11-26 4329952]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-03-02 956416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S4 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-02-27 2227312]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-02-10 819096]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: After a while the PC starts to stutter

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

roki
Visitor
Posts: 101
Registered: 29 Sep 2005 13:16

Re: After a while the PC starts to stutter

#3 Post by roki »

# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 24 17:09:24 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\sovic\AppData\Local\Musixmatch
Deleted: C:\Users\sovic\AppData\Roaming\Musixmatch
Deleted: C:\Users\sovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musixmatch


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1206 B] - [2018/3/24 17:7:23]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: After a while the PC starts to stutter

#4 Post by Conder »

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into a single post, pack them into a RAR or ZIP archive and send them as an attachment.

roki
Visitor
Posts: 101
Registered: 29 Sep 2005 13:16

Re: After a while the PC starts to stutter

#5 Post by roki »

FRST logs
Attachments
frst.zip
(31.96 KiB) Downloaded 66 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: After a while the PC starts to stutter

#6 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Program Files\Allway Sync\Bin\SyncService.exe
    File: C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
    File: C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
    File: C:\Program Files (x86)\Winstep\WsxService.exe
    
    HKU\S-1-5-21-2567772305-2493399478-1946925476-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2567772305-2493399478-1946925476-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll [No File]
    FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
    2018-02-25 08:13 - 2017-01-29 10:10 - 000000000 ____D C:\WINDOWS\AutoKMS
    Task: {BC112680-2251-47D9-BB25-5585FC84F71D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

roki
Visitor
Posts: 101
Registered: 29 Sep 2005 13:16

Re: After a while the PC starts to stutter

#7 Post by roki »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by roman (25-03-2018 14:09:27) Run:1
Running from C:\Users\roman\Desktop
Loaded Profiles: roman (Available Profiles: defaultuser0 & roman & Lucia & Oci)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Program Files\Allway Sync\Bin\SyncService.exe
File: C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
File: C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
File: C:\Program Files (x86)\Winstep\WsxService.exe

HKU\S-1-5-21-2567772305-2493399478-1946925476-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2567772305-2493399478-1946925476-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
2018-02-25 08:13 - 2017-01-29 10:10 - 000000000 ____D C:\WINDOWS\AutoKMS
Task: {BC112680-2251-47D9-BB25-5585FC84F71D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Program Files\Allway Sync\Bin\SyncService.exe ========================

C:\Program Files\Allway Sync\Bin\SyncService.exe
File not signed
MD5: 0C831D4FA038A249FAB57170CEE5E501
Creation and modification date: 2017-01-27 18:50 - 2016-05-26 15:19
Size: 000262144
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/b73f869 ... 512424577/

====== End of File: ======


========================= File: C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe ========================

C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
File not signed
MD5: 0AF89452A8CE3928168F4E5B2208C68B
Creation and modification date: 2011-09-15 06:19 - 2011-09-15 06:19
Size: 000086016
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/571f1a9 ... 521911416/

====== End of File: ======


========================= File: C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe ========================

C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
File not signed
MD5: 7D87A129A6F4FA468244F0D812B1D0A5
Creation and modification date: 2017-09-28 18:17 - 2017-09-28 18:17
Size: 000187904
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: Wex.Services.Downlevel-External
Original Name: Wex.Services.exe
Product: Test Authoring and Execution Framework
Description: Wex.Services [v10.13k]
File Version: 10.13.1707.10002
Product Version: 10.13.170710002-rs3
Copyright: ©Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/e5f0909 ... 521775561/

====== End of File: ======


========================= File: C:\Program Files (x86)\Winstep\WsxService.exe ========================

C:\Program Files (x86)\Winstep\WsxService.exe
File not signed
MD5: D989A900F2B0E62131A43E3D1D79AA9A
Creation and modification date: 2017-01-27 18:53 - 2016-06-07 06:56
Size: 000774656
Attributes: ----A
Company Name: Winstep Software Technologies
Internal Name: WsxService
Original Name: WsxService.exe
Product: WsxService
Description: Winstep Helper Service
File Version: 16.06.0093
Product Version: 16.06.0093
Copyright: Copyright 2008-2016 Jorge M.R.Coelho - Winstep Software Technologies
VirusTotal: https://www.virustotal.com/file/3d963f1 ... 517688020/

====== End of File: ======

"HKU\S-1-5-21-2567772305-2493399478-1946925476-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"HKU\S-1-5-21-2567772305-2493399478-1946925476-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin" => removed successfully
C:\WINDOWS\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC112680-2251-47D9-BB25-5585FC84F71D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC112680-2251-47D9-BB25-5585FC84F71D}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59861542 B
Java, Flash, Steam htmlcache => 355413255 B
Windows/system/drivers => 217569367 B
Edge => 0 B
Chrome => 20873675 B
Firefox => 38210088 B
Opera => 556137052 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 74288 B
defaultuser0 => 0 B
roman => 773931813 B
Lucia => 811945 B
Oci => 401632537 B

RecycleBin => 3214702 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-03-2018 14:10:42)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 14:10:42 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: After some time the PC starts to stutter

#8 Post by Conder »

How is the PC doing? Has anything changed?
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Re: After some time the PC starts to stutter

#9 Post by roki »

As I wrote, it only happens after x hours. And even then not always.
Realistically I may only get to test it next weekend.

If it doesn't help I'll get back to you, so please leave this topic open for me :)

Thanks for now :)

Re: After some time the PC starts to stutter

#10 Post by roki »

// oops.. I posted this twice by mistake - please delete this one
Last edited by roki on 25 Mar 2018 13:29, edited 1 time in total.

Re: After some time the PC starts to stutter

#11 Post by Conder »

OK, you're welcome, for now :)

Re: After some time the PC starts to stutter

#12 Post by roki »

So, the situation has not improved :(

Re: After some time the PC starts to stutter

#13 Post by Conder »

Run a full scan in MBAM
  • Download and install Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
  • Ignore the trial version
  • Open MBAM and click "Scan" on the left
  • Click "Custom Scan" and then "Configure Scan" (Set up scan)
  • On the right, tick all drives in the PC, and on the left tick the "Scan for rootkits" option
  • Click Scan Now and wait for it to finish
  • When it finishes, click Export Summary -> Text File, enter a file name and save it to the desktop
  • Copy the contents of that file here
  • Illustrated guide (unfortunately for an older version): https://forum.viry.cz/viewtopic.php?f=29&t=144868

Re: After some time the PC starts to stutter

#14 Post by roki »

It found nothing..

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 31.03.18
Čas skenovania: 20:45
Súbor denníka: a0273a58-3513-11e8-bf71-74d435a924bc.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.4.5.2467
Verzia súčastí: 1.0.342
Aktualizovať verziu balíka: 1.0.4568
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 10 (Build 16299.309)
Procesor: x64
Systém súborov: NTFS
Používateľ: ROMANsDesktop\roman

-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 1245402
Zistené hrozby: 0
(Nezistili sa nijaké škodlivé položky)
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 1 h, 8 min, 17 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Re: After some time the PC starts to stutter

#15 Post by Conder »

In that case the PC is clean as far as malware is concerned.

Run a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run this command:

    DISM.exe /Online /Cleanup-image /Restorehealth

  • When it finishes, copy and run the second command:

    sfc /scannow

  • When both commands have finished, copy and run this command:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log "%userprofile%\desktop\dism.txt"

  • The files sfcdetails.txt and dism.txt will be created on the desktop; send them as attachments to your next post
  • Restart the PC and describe how it behaves
Download CrystalDiskInfo: https://crystalmark.info/redirect.php?p ... alDiskInfo
  • Extract the whole archive to the desktop and start it via DiskInfo64.exe
  • At the top click Edit -> Copy
  • The log will be copied; paste its contents (Ctrl+V) into your next reply
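
An added example, not part of the thread: one way to triage the sfcdetails.txt that the findstr step in post #15 produces, so unrepaired files stand out from the routine "[SR] Verifying" lines. The sample lines are constructed, and the line shapes they follow (typical CBS.log "[SR]" entries) are an assumption, as are the function and variable names.

```python
import re
from collections import OrderedDict

# Constructed sample of sfcdetails.txt (not from the thread). The line shapes
# follow common CBS.log "[SR]" entries and are an assumption of this example.
SAMPLE = """\
2018-03-31 21:40:02, Info  CSI  00000006 [SR] Verifying 100 components
2018-03-31 21:40:02, Info  CSI  00000007 [SR] Beginning Verify and Repair transaction
2018-03-31 21:40:05, Info  CSI  00000009 [SR] Cannot repair member file [l:12]'example1.dll' of Example-Component-A, version 10.0.16299.15, arch amd64
2018-03-31 21:40:06, Info  CSI  0000000b [SR] Repairing corrupted file \\??\\C:\\WINDOWS\\System32\\example2.dll from store
2018-03-31 21:40:07, Info  CSI  0000000d [SR] Verify complete
2018-03-31 21:40:07, Info  CSI  0000000e [SR] Verifying 42 components
2018-03-31 21:41:00, Info  CSI  00000020 [SR] Cannot repair member file [l:12]'example1.dll' of Example-Component-A, version 10.0.16299.15, arch amd64
"""

VERIFY = re.compile(r"\[SR\] Verifying (\d+)(?: \(0x[0-9a-fA-F]+\))? components")
CANNOT = re.compile(r"\[SR\] Cannot repair member file \[[^\]]*\]['\"]([^'\"]+)['\"] of ([^,]+)")
REPAIR = re.compile(r"\[SR\] Repairing corrupted file (.+?) from store")


def summarize_sfc(text):
    """Summarize the [SR] lines that the findstr command extracted from CBS.log."""
    components = 0
    unrepaired = OrderedDict()  # (file, component) -> timestamp of first sighting
    repaired = []
    for line in text.splitlines():
        m = VERIFY.search(line)
        if m:
            components += int(m.group(1))
        m = CANNOT.search(line)
        if m:
            # setdefault dedupes: ">>" appends, so reruns repeat old entries
            unrepaired.setdefault((m.group(1), m.group(2).strip()), line[:19])
        m = REPAIR.search(line)
        if m and m.group(1) not in repaired:
            repaired.append(m.group(1))
    if components == 0:
        verdict = "no [SR] entries: sfc did not run or CBS.log was rotated"
    elif unrepaired:
        verdict = "corruption that SFC could not repair"
    elif repaired:
        verdict = "corruption repaired from the component store"
    else:
        verdict = "no integrity violations logged"
    return {"components": components, "unrepaired": unrepaired,
            "repaired": repaired, "verdict": verdict}


if __name__ == "__main__":
    for key, value in summarize_sfc(SAMPLE).items():
        print(key, "=>", value)
```

To use it on a real machine, read the desktop's sfcdetails.txt into a string and pass it to `summarize_sfc`.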